the php manual states that MySQL queries should not end with a semicolon. i'm assuming php does this for you in the process of querying but it just seems wrong to leave them out.

can someone please confirm this

thank you
:)


link to php manual: http://se.php.net/manual/en/function.mysql-query.php

Correct. You don't need the semicolon at the end when executing single queries from PHP.

If you want to run several in a single command, though, you will still need to separate them with a semicolon.

great, thanks!

another thing, is there a setting to disable sending multiple queries in a single command - to avoid SQL injection. maybe that's on by default?

I'm not aware of any such option. You can protect against SQL injection simply by binding parameters, as discussed in one of the other threads. As long as you're into the habit of always binding parameters, you'll have nothing (wrt injection attacks) to worry about. :)

i'm sure i read something about prohibiting multi queries somewhere, don't remember where, maybe php.net..

thanks though!