× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Running Update Query
#31
I've almost mastered this...almost is keyword. I am trying to bind LIMIT variable. I'm testing this prior to using it for my pagnation. However, when I use the following statement, it returns an empty array:
Code:
$q = $db->query("SELECT * FROM dates WHERE dateclosed = ? AND user_id = ? LIMIT ?", array(0,$uid,1));

But when I run:
Code:
$q = $db->query("SELECT * FROM dates WHERE dateclosed = ? AND user_id = ? LIMIT 1", array(0,$uid));

It runs fine and returns a good array, but the point of PDO is to bind variable, I'm eliminating this purpose of I end up putting
Code:
LIMIT $start,$finish
right into the statement.

Thoughts? Thanks in advance!
  Reply
#32
I don't think there is any kind of downside to not binding those variables. There really isn't anything anyone could inject into that limit that could be a real security vulnerability to you. I guess it's possible, but I think you're ok.
  Reply
#33
Sweet, I shall continue! Was just concerned something could go wrong Big Grin
  Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)