php_guest Posted October 3, 2009 Share Posted October 3, 2009 I am not sure when do I need to use " or ' and when not. A few examples: 1.$result=mysql_query("SELECT * FROM users WHERE user=$user"); 2.$result=mysql_query("SELECT * FROM images WHERE user=$row[user]"); 3.echo $row[user]; Do I need to put in 3rd example $row['user'] or just $row[user] and why? It works also without, is there any security reason? Same questino for first 2 examples. Thank you Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/ Share on other sites More sharing options...
Garethp Posted October 3, 2009 Share Posted October 3, 2009 Ok, it SHOULD be "SELECT * FROM `users` WHERE `user`='$user'" Table names and column names should be in ` and `, values should be in ' and ' it should be $row['user'] just because it's the propper way to call an assosiative index Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929393 Share on other sites More sharing options...
trq Posted October 3, 2009 Share Posted October 3, 2009 Non numeric array indexes should always be surrounded by quotes, why? Because they are strings not constants. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929394 Share on other sites More sharing options...
trq Posted October 3, 2009 Share Posted October 3, 2009 Ok, it SHOULD be "SELECT * FROM `users` WHERE `user`='$user'" Table names and column names should be in ` and `, values should be in ' and ' it should be $row['user'] just because it's the propper way to call an assosiative index Backticks are not required and in fact should be avoided as they tie your code to mysql. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929395 Share on other sites More sharing options...
Alex Posted October 3, 2009 Share Posted October 3, 2009 Yea, back-ticks should only be used if you're using a word that's reserved, which you should avoid to start with. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929397 Share on other sites More sharing options...
php_guest Posted October 3, 2009 Author Share Posted October 3, 2009 but how can you then write the following? "SELECT * FROM `users` WHERE `user`='$row['user']'" (this is not correct because ' is already used) Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929419 Share on other sites More sharing options...
.josh Posted October 3, 2009 Share Posted October 3, 2009 Non numeric array indexes should always be surrounded by quotes, why? Because they are strings not constants. as a best practice, yes. however, php will nonetheless parse them w/out the quotes. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929421 Share on other sites More sharing options...
Alex Posted October 3, 2009 Share Posted October 3, 2009 but how can you then write the following? "SELECT * FROM `users` WHERE `user`='$row['user']'" (this is not correct because ' is already used) Within strings to echo a array element you use brackets { }, $sql = "SELECT * FROM `users` WHERE `user`='{$row['user']}'"; Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929423 Share on other sites More sharing options...
trq Posted October 3, 2009 Share Posted October 3, 2009 however, php will nonetheless parse them w/out the quotes. After generating a notice, yes. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929502 Share on other sites More sharing options...
redarrow Posted October 3, 2009 Share Posted October 3, 2009 but how can you then write the following? "SELECT * FROM `users` WHERE `user`='$row['user']'" (this is not correct because ' is already used) Within strings to echo a array element you use brackets { }, $sql = "SELECT * FROM `users` WHERE `user`='{$row['user']}'"; until it all go to [ ] php6 square brackets will be used only. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929511 Share on other sites More sharing options...
trq Posted October 3, 2009 Share Posted October 3, 2009 but how can you then write the following? "SELECT * FROM `users` WHERE `user`='$row['user']'" (this is not correct because ' is already used) Within strings to echo a array element you use brackets { }, $sql = "SELECT * FROM `users` WHERE `user`='{$row['user']}'"; until it all go to [ ] php6 square brackets will be used only. Thats not correct. They are changing the way you access string indexes from {} to []. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929517 Share on other sites More sharing options...
.josh Posted October 3, 2009 Share Posted October 3, 2009 however, php will nonetheless parse them w/out the quotes. After generating a notice, yes. Bah. Only mortals care about things like so-called "notices." Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929657 Share on other sites More sharing options...
Alex Posted October 3, 2009 Share Posted October 3, 2009 but how can you then write the following? "SELECT * FROM `users` WHERE `user`='$row['user']'" (this is not correct because ' is already used) Within strings to echo a array element you use brackets { }, $sql = "SELECT * FROM `users` WHERE `user`='{$row['user']}'"; until it all go to [ ] php6 square brackets will be used only. Thats not correct. They are changing the way you access string indexes from {} to []. Oh, that's still good to know. I tend to use {} to access string indexes just from habit (I guess I like to differentiate between strings and arrays), but I guess it's time change that. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-929710 Share on other sites More sharing options...
trq Posted October 4, 2009 Share Posted October 4, 2009 however, php will nonetheless parse them w/out the quotes. After generating a notice, yes. Bah. Only mortals care about things like so-called "notices." So I guess you have error turned off then? Well done. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-930033 Share on other sites More sharing options...
.josh Posted October 4, 2009 Share Posted October 4, 2009 I do not have it turned off my server. Link to comment https://forums.phpfreaks.com/topic/176333-beggining-question/#findComment-930164 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.