Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p><strong>Important</strong><br> Before I answer the question, I have to make sure that you understand the insecurity of what you're doing. You REALLY need to go and read about <a href="http://en.wikipedia.org/wiki/SQL_injection" rel="nofollow">SQL injection</a> and re-evaluate how you are designing your queries. You should be escaping ALL of your values (including ones coming out of the database).</p> <p><strong>Answer</strong><br> Ok, so that said, what you <em>should</em> do, is have a <code>pal</code> table which simply links users to other users. The fields would be <code>user_id</code> and <code>pal_id</code>. Both of which are foreign keys of the <code>user_id</code> field in the user table.</p> <p>You can then write a query like this to get the pal information:</p> <pre><code>SELECT usr.* FROM pal INNER JOIN users ON pal.pal_id = users.user_id WHERE pal.user_id = XXX (User's ID here) </code></pre> <p>The array method of storing "pals" is going to get really old, really quick once you start wanting to do more elaborate things (like finding pals of pals and such).</p> <p>You <strong>can</strong> do the query as you have it now if you REALLY want by using the <code>IN</code> keyword (though I recommend changing your DB structure; that will also eliminate the headache of escaping this string). Assuming that your <code>$pal_array</code> variable has a list of user ids separated by a comma: <code>$query_pal_info = "SELECT users.user_id, user_first_name, user_last_name, username, picture_thumb_url, avatar FROM users LEFT JOIN picture ON users.user_id = picture.user_id AND picture.avatar=1 WHERE users.user_id IN ($pal_array)";</code></p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload