Is this statement right?

$q = $dbh->query("SELECT dish,price FROM meals WHERE meal LIKE '" . $_POST['meal'] ."'");

i have looked for lots of articles,finding in mysql,behind LIKE there are two
institutions,some use ‘’,and some use " ",i don’t know which is right ?

in the above it uses " behind LIKE,i think it’s wrong,and the right is
LIKE ’ $_POST[‘meal’] '"); am i right ?

You have two syntaxes to think about, PHP and SQL.

The SQL query you want will have single quotes in it.

SELECT dish, price FROM meals WHERE meal LIKE '%something%'

The PHP code is building a string by concatenating literal strings, enclosed in double quotes, with variables.

$string = "Some literal concatenated with a " . $variable . " plus another literal string";

Your literal string contains single quotes, so you will have single quotes within the double quoted literal.

$string = "A literal with 'single quotes' inside of it.";

The single quotes just happen to need to be before and after the variable you’re concatenating with the strings, so you get the double quotes following the single quotes.

$string = "A string with a '" . $variable . "' enclosed in single quotes.";

according to your said,

i find the two example is the same,both hava a variable to concatenate,but the display is different,one has an single quotes after a,one don’t.why ?

i know ,the above’s output is only the $variable ,but the next is the $variable 's this the reason?

The examples are not the same; in one instance the resulting string assigned to $string has single quotes within the string, in the other it does not. It’s not syntax there, it’s part of the string you’re assigning to a variable. Play around with it until you figure it out. Your goal is to build a SQL query, a string, that contains single quotes, as that’s the SQL syntax. The reason for the single quotes in the code will become obvious.