Currently i am executing the code like this to access data from oracle db
$fetchVals ="select name, address from address_table where id_no=:number";
$parseStmt = oci_parse($conn, $fetchVals);
oci_bind_by_name($parseStmt, ':number', $numVal);
oci_execute($parseStmt);
My first question is, Can I use the code below to achieve the same result?
$fetchVals ="select name, address from address_table where id_no='$numVal'";
$parseStmt = oci_parse($conn, $fetchVals);
//oci_bind_by_name($parseStmt, ':number', $numVal);
oci_execute($parseStmt);
I checked it, and I am getting the correct result.
My second question is, does this code pose any other problems? If so, please explain.
Thanks