Rifts
Posted December 22, 2010

mysql_query("INSERT INTO people (company, lname) VALUES ('" . clean($_POST['Company']) . "', '" . clean($_POST['lname']) . "')");

using a clean function in the query instead of doing it beforehand?

the182guy
Posted December 23, 2010

Everyone has their own opinion on bad practice. IMO yes it is, because it makes the code harder to read and debug. Also, I think it's good practice to store your query in a variable rather than putting it directly into the function like that. Doing that will make it quicker to debug: if you have a problem with the query, you can quickly echo it out to debug.
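
The practice discussed in this thread, as an added example that is not code from either poster: it shows that a call written inside a double-quoted PHP string is never executed, then cleans beforehand and keeps the query in a variable that can be echoed. It goes one step further than the thread by binding the values as parameters. Assumptions: the body of clean(), the $post array standing in for $_POST, and an in-memory SQLite database through PDO (pdo_sqlite extension) standing in for the MySQL table.

```php
<?php
// Hypothetical stand-in for the thread's clean() helper; its real body is not shown on the page.
function clean(string $value): string
{
    return trim(strip_tags($value));
}

// Constructed sample input standing in for $_POST.
$post = ['Company' => " Acme <b>Ltd</b> ", 'lname' => "O'Brien"];

// 1. PHP interpolates variables in a double-quoted string, not function calls.
//    The text "clean(" lands in the SQL and the raw value goes in unfiltered.
$inline = "INSERT INTO people (company, lname) VALUES ('clean($post[Company])', 'clean($post[lname])')";
echo "Call inside the quotes:\n$inline\n\n";

// 2. Clean beforehand and keep the query in a variable so it can be echoed while debugging.
$company = clean($post['Company']);
$lname   = clean($post['lname']);
$sql     = "INSERT INTO people (company, lname) VALUES (:company, :lname)";
echo "Query held in a variable:\n$sql\n\n";

// 3. Bind the values as parameters so they never become part of the SQL text,
//    which also handles the apostrophe in the last name.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE people (company TEXT, lname TEXT)');

$stmt = $db->prepare($sql);
$stmt->execute([':company' => $company, ':lname' => $lname]);

// Read the row back to confirm what was stored.
print_r($db->query('SELECT company, lname FROM people')->fetchAll(PDO::FETCH_ASSOC));
```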