How do i change the SELECT query from this:
$tre = mysql_query("SELECT System_id, Full_name FROM accounts
WHERE Full_name LIKE '". mysql_real_escape_string($_GET['q'])."%' LIMIT 5");
To having this query below in $tre:
SELECT DISTINCT contacts.friend_id, accounts.full_name,
accounts.system_id
FROM contacts, accounts
WHERE (contacts.system_id = '$sid' AND contacts.friend_id
= accounts.system_id) OR (contacts.friend_id = '$sid'
AND contacts.system_id = accounts.system_id)
I want the to place the second query inside of $tre = mysql_query();
I am having trouble doing so because the second query has brackets in them and being new i am not sure how to do it correctly.
Also, the brackets do not affect the query. just place it inside the double quotations and PHP will know to send the whole query to MySQL.
Also: If $sid comes from any user input put something like this in place of $sid:
" . mysql_real_escape_string($sid) . "