SQL concatenation errors?
I have the following line in my .php file:
$resNewsl = mysql_query("SELECT * FROM newsletters WHERE newsletter_id='".$id."' ");
and get the following errors:
1. error at =
2. highlighting error (not highliting the whole sql statement)
WIP: 95.117
Please sign in to leave a comment.
Language Injection into concatenated strings is not supported. Watch http://youtrack.jetbrains.net/issue/WI-534 to track progress.
Rewrite in "SELECT .. id=$id" style.
thanks. Hope that atleast the error notification will be fixed
Nope. You've to either rewrite query to be single literal w/o concatenation, disable injection or wait for WI-534.
That is really bad code style (and even performs badly in terms of CPU cycles) and every PHP developer is taught to use single quotes.
However, the link to "WI-534", whatever it is, is dead.