Home/ Questions/Q 6005683
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T01:25:56+00:00

I’m fairly novice with SQL (reading right now). I’m wondering if there is a

  • 0

I’m fairly novice with SQL (reading right now). I’m wondering if there is a better way in PHP to get a MySQL data item than the following:

$sql = "SELECT `topic_id` from `topics` WHERE `user_id` = ".$userId." AND `topic` = ".$topic.";";
$topicRow = mysql_query($sql);
$row = mysql_fetch_array($topicRow);
$topicId = $row['topic_id'];

I mean, 4 variables were created to get 1 item. Am I doing something incorrectly?

Thank you

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The amount of vars is not a real issue, you could put the sql-string in your query if you want, but you’re not really winning anything measurable. Please do not look for efficiency there. While the answers of @genesis and @patapizza are correct as far as I can see, they do not help you in any way to better your code, but only make it less readable.

    You should look into parametereized queries (take a look at using PDO): You should split your content ($userId) and your SQL-command.

    An example from the manual:

    $sth = $dbh->prepare('SELECT name, colour, calories
    FROM fruit
    WHERE calories < ? AND colour = ?');
$sth->execute(array(150, 'red'));
$red = $sth->fetchAll();

    You don’t have to escape the various things you put in your query, so you’re save from injection.

    (ow, and coincidently, only using 2 variables.. jeeeej 🙂 )

    • 0