21 Posts
Mikeherbo
2 years ago
0
Topic

Hi, 

I was looking joomla's documentation and they said that for security i should use:

// For SQL data types: INT, INTEGER, TINYINT, SMALLINT, MEDIUMINT, BIGINT, YEAR

$query = 'SELECT * 

FROM #__table 

WHERE `id`=' . (int) $id;

In the field SQL I try :

SELECT COUNT(id) 

FROM #__cck_store_form_music 

WHERE id_user_music = '.(int) $cck->getValue('cck_author_id');

I have the following error : 

1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''.(int) 1046'

1046 is the ID of cck_author_id.

What is the correct way to add integer to value please.

Get a VIP membership