Joketext= " ' . $joketext . ' " huh?

$sql = ‘INSERT INTO joke SET
joketext="’ . $joketext . ‘",
jokedate=CURDATE()’;

from page 140 of Yank’s DRIVEN book…wow!..what is with the concatenation and double and single quotes there???

Now, i do understand that $joketext is a variable and that it has to be surrounded by double quotes to be interpolated. I understand that.

but the concatenation operator tacks strings together. I understand that $joketext represents a string. Fine. But if there are two concat operators, as we have above, then there must be THREE strings up there. Let’s say that $joketext is one. Then what are the other two strings being concatenated with $joketext ??

Is " ’ one string and ’ " another string? I do not think so…

Does this code even work???

what happened when you tested it?

:stuck_out_tongue:

$sql = 
 'INSERT INTO joke SET joketext = "'   // <-- string 1
   . 
 $joketext                             // <-- string 2
   .
 '", jokedate = CURDATE()'             // <-- string 3
;

But, since string values in the query must be surrounded by single quotes, you could write it like this:


$sql = "
  INSERT INTO joke 
  SET 
      joketext = '$joketext'
    , jokedate = CURDATE()
";

WELL, if I had tested it, and if it had worked, I would have never asked that question. And if it had not worked, then I would not have asked that question either. So, you see, the answer to your question is inherent in my question.

And you see, you should test your code first, and if it doesn’t work, and you can’t find the problem/solution, then you ask :slight_smile:

so you’re saying the book is wrong? :shifty:

I see. The first block of text makes it clear what the three strings are. I completely missed the outer single quotes. Never saw them. But in your second block of text, why put single strings around $joketext?

No. If I had meant to say that, there would be a sentence in that post saying something like “this book is wrong!”

Do you see such a sentence?

Too busy to do that. Maybe this weekend.

And also, my main issue is not whether the code works, but to UNDERSTAND the code. Whether it works or not is secondary. Understanding is primary.

MySQL :: MySQL 5.5 Reference Manual :: 8.1.1 Strings

So I was wrong saying that you must use single quotes around strings, it seems double quotes are also allowed in MYSQL.

The advantage of using double quotes to surround the entire query, and single quotes to surround the string values in the query, is that you don’t have to concatenate variables as you can see in my example.

Okay, I’ll add the mandatory link to [fphp]mysql_real_escape_string[/fphp] here :slight_smile:

Are you saying it isn’t? :shifty: Seems to me like he mixed up single and double quites in that example.

of course not

i was trying to determine why he would post a question about some sql without testing it

turns out he’s not really interested in testing :smiley:

it’s called ‘having a job’

seems to me that THIS is the way the code should have been written:

$sql = ‘INSERT INTO joke SET
joketext=’ . " $joketext" .
‘, jokedate=CURDATE()’;

that way $joketext gets interpolated by the double quotes when this above is executed. And then the concat operator glues together the entire string, which consists of this:
‘single quote string’ . “double quote string” . ‘single quote string’;

remember, it is the php interpreter that is intepolating the $joketext variable, not mysql, and that interpolation must happen BEFORE the entire string is concatenated together.

Should be more like


$joketext = mysql_real_escape_string($joketext);
$sql = "insert into joke (joketext, jokedate) values ('{$joketext}', curdate());";

Sorry caps. Posting from phone.

i agree… the INSERT SET syntax, while it works in mysql, is non-standard, and will barf all over da floor if you ever wish to switch database systems

when mysql supports both standard sql and proprietary ways of accomplishing the same thing, i strongly recommend using the standard sql way

:slight_smile:

All about ANSI-92 baby

but the INSERT SET syntax is not the question–the question is whether the concat operator and quotes are correct.

but at this point in the book, he had not introduced the real escape function, so let’s just pretend that there are no characters in the string that need escaping. And let us ignore what is the more desirable INSERT syntax.

Are the concat operators and the quotes correct?