Posted by Silvio Porcellana on 09/28/05 19:37

A.J. Brown wrote:
>
> [code]
> $values = join(', ', $array);
> $query = "SELECT * FROM client WHERE clientaccountmanager IN ('$values')"
> [/code]
>
Actually this doesn't seem right, the join should be:
$values = join("', '", $array); # notice the ' inside the "

In addiction, I would (SQL)escape the values joined: supposing you are
using MySQL, I'd do:
$values = join("', '", array_map('mysql_real_escape_string', $array));

HTH, cheers
Silvio

[Back to original message]