horseatingweeds Posted June 12, 2008 Share Posted June 12, 2008 This must be a stupid question, but I can't find the answer in php or mysql docs, or searching. What does a ? mean in a query like this: $query = sprintf("select url from %s where user_id = %d and url like ?", $this->_table, $this->user_id); Quote Link to comment Share on other sites More sharing options...
teng84 Posted June 12, 2008 Share Posted June 12, 2008 ? <- will match any characters Quote Link to comment Share on other sites More sharing options...
fenway Posted June 12, 2008 Share Posted June 12, 2008 ? <- will match any characters This is for use in a prepared statment. Quote Link to comment Share on other sites More sharing options...
horseatingweeds Posted June 12, 2008 Author Share Posted June 12, 2008 So what does the stupid ? mean in an sql statement - like in my example? Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted June 12, 2008 Share Posted June 12, 2008 Fenway gave you the answer. Its for use with Prepared Statements. You'll find the answer under the What are server-side prepared statements? heading. Quote Link to comment Share on other sites More sharing options...
horseatingweeds Posted June 12, 2008 Author Share Posted June 12, 2008 Yeah right wildteen88. You know, when you're dealing with technical information on a forum like this you have to remember you're not talking to yourself, you're talking to people that don't understand something. Fenway gave me a clue. Your article didn't have anything about a ?. And I still don't know what <- is all about. No answers. So, from reading in a book I have, after the prepared statements clue, I guess ? is a place holder for something else. "It's a place holder for something." would have been an answer. I'm still confused a bit. But in the code I'm looking at, the line after my example above is: $query = $this->_db->quoteInto($query, $url . '%'); So I guess the ? is a placeholder for the $url variable. Quote Link to comment Share on other sites More sharing options...
fenway Posted June 13, 2008 Share Posted June 13, 2008 <- is an arrow. Your article didn't have anything about a ?. Actually, I guess you didn't actually read the article -- don't blame wildteen88. What are server-side prepared statements? Prepared statements are the ability to set up a statement once, and then execute it many times with different parameters. They are designed to replace building ad hoc query strings, and do so in a more secure and efficient manner. A typical prepared statement would look something like: SELECT * FROM Country WHERE code = ? The ? is what is a called a placeholder. When you execute the above query, you would need to supply the value for it, which would replace the ? in the query above. Anyway, since we can't guess what quoteInto does, it's hard to say... but since there are only two parameters, it appears that the placeholder will be substituted with "$url . %" Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.