Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

quotes matching 4

Status
Not open for further replies.

DoubleV

Programmer
Jan 11, 2002
358
US
take a look at the piece of code below:
Code:
$sql = "INSERT INTO Jokes SET
  JokeText = '$_POST[joketext]',
  JokeDate = CURDATE()";
from what i read usually, the expression on the second line should read $_POST['joketext'] but the only way i could make the whole statement work was to take the quotes off 'joketext'. so is there any kind of trick to keeping those quotes or is it perfectly fine to omit the quotes around 'joketext' in this particular case? --------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
Try:

$sql =
"INSERT INTO Jokes SET JokeText = '" .
$_POST[joketext] .
"
', JokeDate = CURDATE()";

Concatenates three strings: a string that begins with "INSERT" and end with a single quote, a second string which is the value from the variable, and a third which begins with a single quote and ends with "CURDATE()" Want the best answers? Ask the best questions: TANSTAAFL!
 
Thanks s much again1
worked like a charm.
i also found another way:
Code:
$sql = "INSERT INTO Jokes SET
  JokeText = '{$_POST['joketext']}', 
  JokeDate = CURDATE()";
--------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
i decided tp comtinue in this thread, since it is the same topic.
the solution above (concatenating strings) works well when that variable is in the middle of the statement. now i have a variable that has to be placed at the end, and can't get it to work:
Code:
$sql = "UPDATE Authors SET Name='" . $_POST['name'] . "', Email='" . $_POST['email'] . "' WHERE ID=" . $_POST['id'] . ";
i have tried putting "" in the end, but that did not do it either. --------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
Why put anything there?

If what you want is
WHERE ID=13
for example... just get rid of the end so you have
$sql = "UPDATE ... '" . $_POST['name'] . "', Email='" .$_POST['email'] ."' WHERE ID=" . $_POST['id'];

And what do you mean did not do it? As in PHP caused an error, or the SQL didn't work, or you printed the variable and it didn't look how you wanted?

-Rob
 
i believe the value for $_POST['id'] should have quotes around it, ie.

"'WHERE ID='".$_POST['id']."'"; what we see depends mainly on what we're looking for.
--unknown
 
It's that trailing quote.

DoubleV:
Think about it. You're concatenating a variable to a string literal. If no other string literal follows the variable in the concatenation, why would you have that last quote there?

Or another way to look at it. Did the number of double-quotes in that statement come out to an even number? If not, then you're going to get a parse error. Want the best answers? Ask the best questions: TANSTAAFL!
 
*blushing* the main reason it did not work is because it should have been $_GET['id'] and not POST ... doh! and then there was the quotes issue.
bedrock, your suggestion worked, but it leads to another question: ID was specified as INT when a table was created, but don't quotes mean 'string'? so why, if ID is an INT, did it still work with quotes around it?
skiflyer, yep - that's exactly what i meant like WHERE ID = 13, and it all works now.
thanks! --------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
to be honest, im not sure. someone with more mysql knowledge should post the answer to that. i guess i have always used quotes and its always worked. just a habit i got into when i learned sql (taught myself, maybe that has something to do with it) so apparently mysql doesnt distinguish between the two. im going to stop answering questions now and eat so i can think straight and not confuse everyone. what we see depends mainly on what we're looking for.
--unknown
 
There was a thread yesterday (thread436-443453) in the MySQL forum about this very thing yesterday.

MySQL, where possible, will to the type translation for you. Of course, it can't put a string in an int, but it can translate the other way.

But the type translation will give you a performance hit. This has been noticed on SELECT queries against large databases, and the problem is very noticeable in the newest versions of MySQL.

The problem is that if MySQL has to translate the types of the columns, it doesn't use table indeces to perform lookups, so searches become brute force and very very slow. The original poster reported a complex query that took hours to run now takes minutes once he figured out the problem.

In short, always match the parameter type to the column type. You'll wring the best performance out of MySQL. Want the best answers? Ask the best questions: TANSTAAFL!
 
sleipnir214,
looks like we were posting at the same time.
i did not realise that the error was because of me using POST instead of GET. But I was getting an SQL syntax error and that's why i was trying to play with the quotes - i was confdent that my error was because of them.
can you still explain the question I asked about bedrock's example?
--------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
we were posting at the same time again *grin*
Thanks so much for a very detailed reply. very much appreciated.
now, where was that medal??? *DoubleV is looking around to find one suitable for the occasion* a-ha, here it is:
medal.gif

and thanks to everybody else as well. --------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
sleipnir214,
i am not sure that the link you gave me to that MySQL thread is correct. could you please double check? --------------------------------------------------
Goals are dreams with deadlines
-------------------------------------
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top