StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
6198584
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
5
CommunityOwnedDate
2011-06-01T11:21:10.640
CreationDate
2011-06-01T08:55:21.140
FavoriteCount
0
LastActivityDate
2011-06-02T08:51:41.300
LastEditDate
2011-06-02T08:51:41.300
LastEditorUserId
680786
OwnerUserId
680786
ParentId
6198104
PostTypeId
2
Score
3
ViewCount
0
LastEditorDisplayName
text
Body
<pre><code>/** * Rule #0: never trust users input! */ //sanitize integer value $id = intval($_GET['id']); //sanitize string value; $name = mysql_real_escape_string($_POST['name']); //1. using `dbname`. is better than using mysql_select_db() //2. names of tables and columns should be quoted by "`" symbol //3. each variable should be sanitized (even in LIMIT clause) $q = mysql_query("UPDATE `dbname`.`tablename` SET `name`='".$name."' WHERE `id`='".$id."' LIMIT 0,1 "); if ($q===false) { trigger_error('Error in query: '.mysql_error(), E_USER_WARNING); } else { //be careful! $name contains user's data, remember Rule #0 //always use htmlspecialchars() to sanitize user's data in output print htmlspecialchars($name).' updated'; } ######################################################################## //Example, how easily is to use set_error_handler() and trigger_error() //to control error reporting in production and dev-code //Do NOT use error_reporting(0) or error_reporting(~E_ALL) - each error //should be fixed, not muted function err_handler($errno, $errstr, $errfile, $errline) { $hanle_errors_print = E_ALL & ~E_NOTICE; //if we want to print this type of errors (other types we can just write in log-file) if ($errno & $hanle_errors_print) { //$errstr can contain user's data, so... Rule #0 print PHP_EOL.'Error ['.$errno.'] in file '.$errfile.' in line '.$errline .': '.htmlspecialchars($errstr).PHP_EOL; } //here you can write error into log-file } set_error_handler('err_handler', E_ALL & ~E_NOTICE & E_USER_NOTICE & ~E_STRICT & ~E_DEPRECATED); </code></pre> And some explanation of comments: <pre><code>//1. using `dbname`. is better than using mysql_select_db() </code></pre> With using mysql_select_db you can create errors, and it will be not so easy to find and fix them. For example, in some script you will set db1 as database, but in some function you need to set db2 as database. After calling this function, database will be switched, and all following queries in script will be broken or will broke some data in wrong database (if names of tables and columns will coincide). <pre><code>//2. names of tables and columns should be quoted by "`" symbol </code></pre> Some names of columns can be also SQL-keywords, and using "`" symbol will help with that. Also, all string-values, inserted to query, should be quoted by ' symbol. <code>//always use htmlspecialchars() to sanitize user's data in output</code> It will help you to prevent <a href="http://en.wikipedia.org/wiki/Cross-site_scripting" rel="nofollow">XSS-attacks</a>.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POReference: What is a perfect code sample using the MySQL extension?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USOZ_
UserOwnerUserId
1. USOZ_
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.