[extract]

<form>
... etc
<input type="text" name="username">
<input type="text" name="email">
...
</form>

[/extract]

My database has two fields called userName and userEmail respectively, so part of the query is ..

$sql = " SELECT .. userName as username, userEmail as useremail .. ";

My question is, should I change the form/database field names to be identical and avoid all the 'as' statements in my sql query, or would it be more secure to leave them as they are? You can get the database field names from the <form> that way, but if you check the data thoroughly, it shouldn't matter though, should it?

It'd be easier if the names were same, since the table's got about 20 fields, each of them 'translated' with an -as- statement, and I'm just thinking it's all a bit unnecessary ..

Thanks in advance for any help!
Alex ...