SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2003
    Location
    Mermaid beach 4218
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Angry probs with variables and scope

    Hi all, i have a project for which i decided to pull out all the sql queries and stick them in one file. so i have a number of queries like for eg.

    $SQL_INSERTINVENTORY = "INSERT INTO inventory (serialNumber, modelNumber) VALUES ('$serialNumber', '$HTTP_POST_VARS[modelNumber]')";

    and execute it with something like

    $invResult = $db->withReturn($SQL_INSERTINVENTORY);

    now, the $HTTP_POST_VARS variable, which is passed to the function as a parameter, is evaluated and assigned as i want it to. however if i manipulate the HTTP_POST_VAR variable before inserting it and assign it to another local variable OR i just generate a local variable, it does not get assigned properly in the sql query.

    upon echoing the query, i get the following

    INSERT INTO inventory (serialNumber, modelNumber) VALUES ('', 'aModelNumber')

    notice that the local var does not get assigned.

    is this because the local var is not available at the time that the SQL query file is included? if this is the case, how would i go gettign around this problem? would the eval function help at all, i've tried it in several different ways with no luck.

  2. #2
    SitePoint Wizard Ren's Avatar
    Join Date
    Aug 2003
    Location
    UK
    Posts
    1,060
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by dozenmatta
    Hi all, i have a project for which i decided to pull out all the sql queries and stick them in one file. so i have a number of queries like for eg.

    $SQL_INSERTINVENTORY = "INSERT INTO inventory (serialNumber, modelNumber) VALUES ('$serialNumber', '$HTTP_POST_VARS[modelNumber]')";

    and execute it with something like

    $invResult = $db->withReturn($SQL_INSERTINVENTORY);

    now, the $HTTP_POST_VARS variable, which is passed to the function as a parameter, is evaluated and assigned as i want it to. however if i manipulate the HTTP_POST_VAR variable before inserting it and assign it to another local variable OR i just generate a local variable, it does not get assigned properly in the sql query.

    upon echoing the query, i get the following

    INSERT INTO inventory (serialNumber, modelNumber) VALUES ('', 'aModelNumber')

    notice that the local var does not get assigned.

    is this because the local var is not available at the time that the SQL query file is included? if this is the case, how would i go gettign around this problem? would the eval function help at all, i've tried it in several different ways with no luck.
    Yeah, the variables are evaluted as soon as the query file parsed.

    One possible way is to use sprintf()
    Code:
    $SQL_INSERTINVENTORY = "INSERT INTO inventory(serialNumber, modelNumber) VALUES('%s', '%s')";
    
    $invResult = $db->withReturn(sprintf($SQL_INSERTINVENTORY, $serialNumber, $HTTP_POST_VARS['modelnumber']);
    (PS: if serialNumber & modelNumber are strings they should be escaped first.
    Code:
    $invResult = $db->withReturn(sprintf($SQL_INSERTINVENTORY, $db->escapeString($serialNumber), $db->escapeString($HTTP_POST_VARS['modelnumber']));
    )

    Also dont have to use a variable, a define may work better.

    Code:
    define('SQL_INSERTINVENTORY', "INSERT INTO inventory(serialNumber, modelNumber) VALUES('%s', '%s')");
    
    $invResult = $db->withReturn(sprintf(SQL_INSERTINVENTORY, $serialNumber, $HTTP_POST_VARS['modelnumber']);

  3. #3
    SitePoint Enthusiast
    Join Date
    Jun 2003
    Location
    Mermaid beach 4218
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for that, looks like a good idea.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •