#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2001
    Posts
    117
    Rep Power
    32

    Thumbs up quotes in SQL strings using mssql / sybasase


    Hello all,

    PHP / Linux/ Apache / talking to MSSQL/ ALL MAGICS ARE OFF

    I'm stumped on this one. I am revamping some code to use $_POST['variableNameHere'] to refer to some variables globally. No biggie.

    With that said, I am using these variables within my SQL statements such as in these lines:

    $query .= " and p.GRPreportDate = '$_POST['reportDate']'";
    $query .= " and c.DistrictID = '$district'";

    The single quotes, such as around reportDate, aren't going over too well, which I expected.

    I have tried adding slashes, then saw that that method wouldn't work and then just changed it to the following:
    $query .= " and p.GRPreportDate = '$_POST[''reportDate'']'";
    using two single quotes are the reportDate name above, and on and on. What do I need to put around this variable for it to work?

    All help is greatly appreciated!
    "I'm between quotes right now"
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2002
    Location
    canada eh
    Posts
    101
    Rep Power
    0

    try this


    try this:
    $query .= " and p.GRPreportDate = '".$_POST['reportDate']."'";
    Dont worry everything is getting nicely out of hand!
    http://thrashcorp.com
    Have you clubbed a seal today?
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2001
    Posts
    117
    Rep Power
    32

    Smile did the trick


    thanks much. I must have a mental block regarding quotes!
    "I'm between quotes right now"
  6. #4
  7. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Posts
    4
    Rep Power
    0
    just remove the quotes around the array index. so instead of '$_POST["array"]', you can use:

    '$_POST[array]'

    The other option when quotes are giving you problems when dealing with arrays in mysql queries is surround the variable with braces, so this would also work:

    '{$_POST["array"]}'
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2001
    Posts
    117
    Rep Power
    32
    Originally posted by scheck
    just remove the quotes around the array index. so instead of '$_POST["array"]', you can use:

    '$_POST[array]'


    Thanks for the advice. I did find some info regarding leaving off quotes on php.net that I thought I would pass along that I think sounds like good advice:



    http://www.php.net/manual/en/language.types.array.php
    Array do's and don'ts
    Why is $foo[bar] wrong?
    You should always use quotes around an associative array index. For example, use $foo['bar'] and not $foo[bar]. But why is $foo[bar] wrong? You might have seen the following syntax in old scripts:


    $foo[bar] = 'enemy';
    echo $foo[bar];
    // etc



    This is wrong, but it works. Then, why is it wrong? The reason is that this code has an undefined constant (bar) rather than a string ('bar' - notice the quotes), and PHP may in future define constants which, unfortunately for your code, have the same name. It works, because the undefined constant gets converted to a string of the same name.
    "I'm between quotes right now"

IMN logo majestic logo threadwatch logo seochat tools logo