SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Evangelist runeveryday's Avatar
    Join Date
    Jul 2009
    Posts
    437
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    is this statement right ?

    Code:
    $q = $dbh->query("SELECT dish,price FROM meals WHERE meal LIKE '" . $_POST['meal'] ."'");
    i have looked for lots of articles,finding in mysql,behind LIKE there are two
    institutions,some use '',and some use " ",i don't know which is right ?

    two:
    in the above it uses " behind LIKE,i think it's wrong,and the right is
    LIKE ' $_POST['meal'] '"); am i right ?
    Outdoor tools online store and wargame tools shop
    with best quality and service.
    comp molle tactical vest tactical clothing etc sell

  2. #2
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,578
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You have two syntaxes to think about, PHP and SQL.

    The SQL query you want will have single quotes in it.

    Code:
    SELECT dish, price FROM meals WHERE meal LIKE '%something%'
    The PHP code is building a string by concatenating literal strings, enclosed in double quotes, with variables.

    PHP Code:
    $string "Some literal concatenated with a " $variable " plus another literal string"
    Your literal string contains single quotes, so you will have single quotes within the double quoted literal.

    PHP Code:
    $string "A literal with 'single quotes' inside of it."
    The single quotes just happen to need to be before and after the variable you're concatenating with the strings, so you get the double quotes following the single quotes.

    PHP Code:
    $string "A string with a '" $variable "' enclosed in single quotes."

  3. #3
    SitePoint Evangelist runeveryday's Avatar
    Join Date
    Jul 2009
    Posts
    437
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    according to your said,
    Quote Originally Posted by Dan Grossman View Post
    You have two syntaxes to think about, PHP and SQL.


    The PHP code is building a string by concatenating literal strings, enclosed in double quotes, with variables.

    PHP Code:
    $string "Some literal concatenated with a " $variable " plus another literal string"

    The single quotes just happen to need to be before and after the variable you're concatenating with the strings, so you get the double quotes following the single quotes.

    PHP Code:
    $string "A string with a '" $variable "' enclosed in single quotes."
    i find the two example is the same,both hava a variable to concatenate,but the display is different,one has an single quotes after a,one don't.why ?
    Outdoor tools online store and wargame tools shop
    with best quality and service.
    comp molle tactical vest tactical clothing etc sell

  4. #4
    SitePoint Evangelist runeveryday's Avatar
    Join Date
    Jul 2009
    Posts
    437
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    i know ,the above's output is only the $variable ,but the next is the $variable 's value.is this the reason?
    Outdoor tools online store and wargame tools shop
    with best quality and service.
    comp molle tactical vest tactical clothing etc sell

  5. #5
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,578
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    The examples are not the same; in one instance the resulting string assigned to $string has single quotes within the string, in the other it does not. It's not syntax there, it's part of the string you're assigning to a variable. Play around with it until you figure it out. Your goal is to build a SQL query, a string, that contains single quotes, as that's the SQL syntax. The reason for the single quotes in the code will become obvious.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •