Thread:User talk:Ryan lane/File:Ryan Lane - How to be a part of the MediaWiki developer community.pdf

Hey. I was reading your File:Ryan_Lane_-_How_to_be_a_part_of_the_MediaWiki_developer_community.pdf that you had linked on the mailing list. It looks like quite a good introduction for newbies, but one thing that was bothering me is on page 11 you had: $escID = $dbr->addQuotes( $id ); $dbr->query( "SELECT * FROM foo WHERE foo_id= $escID" ); as acceptable. Really to be acceptable, foo needs to be escaped with  or the code won't work on wikis that use db prefixes.