Mysql query containing a php array key? ie. "WHERE profession = $user['profession'] "
How do i deal with something like this:
"SELECT skills FROM jobs WHERE profession = $user['profession']"
where profession is a s开发者_JAVA百科tring...
Just use
"SELECT skills FROM jobs WHERE profession = '{$user['profession']}'"
PHP allows you to mix quotation marks like that
Note Assuming all the security checks and validations are done before this bit
Another alternate way
"SELECT skills FROM jobs WHERE profession =
'".mysql_real_escape_string($user['profession'])."'";
If you don't need mysql_real_escape_string() just remove it.
"SELECT skills FROM jobs WHERE profession ='".$user['profession']."'";
$profession = mysql_real_escape_string( $user['profession'] );
$query = 'SELECT skills FROM jobs WHERE profession = "' . $profession . '"';
加载中,请稍侯......
精彩评论