This question already has answers here:
Curly braces in string in PHP
(4 answers)
Closed 1 year ago.
What is the difference between the following 2 queries?
mysql_query("UPDATE table SET name = '$name'");
mysql_query("UPDATE table SET name = '{$name}'");
ON the SQL side, there is absolutely no difference : the two queries are exactly the same.
(you can check that by echo-ing them)
{$variable} is a more complete syntax of $variable, that allows one to use :
"this is some {$variable}s"
"{$object->data}"
"{$array['data']}"
"{$array['data']->obj->plop['test']}"
For more informations, you should read the Variable parsing / Complex (curly) syntax section of the manual (quoting a few bits) :
This isn't called complex because the
syntax is complex, but because it
allows for the use of complex
expressions.
Any scalar variable, array element or
object property with a string
representation can be included via
this syntax. Simply write the
expression the same way as it would
appear outside the string, and then
wrap it in { and }.
The curly braces "escape" the PHP variable and are not passed to MySQL. With a simple variable like $name it doesn't make a difference but with something like $user['name'] it does. So there is nothing different between the two queries you have posted in your question.
This query can be used if you want to pass a single variable:
mysql_query("UPDATE table SET name = '$name'");
This can be used if you are passing a value from an array's particular index.
mysql_query("UPDATE table SET name = '{$1}'",$name);
By the way your both queries were also correct in their means.
Related
This question already has answers here:
How do I execute PHP that is stored in a MySQL database?
(7 answers)
Closed 4 years ago.
EDIT: This question has been edited from the original
I have a string in a database with HTML and PHP variable's inside. Some of the HTML has double quotes as if I try to use single quotes the database escapes it by adding a quote in front of it like so: ' '.
I want to query the string and assign it to variable $x. And then use eval("\$x = \"$x\";"); to parse the PHP variable, but it seems the double quote is ruining the eval(), and the variables are not parsing.
Is there a way to allow PHP to read the variable?
I am aware, but anyone reading this should also be aware that using eval() can be very dangerous!
Any help would be greatly appreciated!
If your SQL string looks like this: myVar then php:
$myVar = 'hello!';
echo $$var;
If your SQL string looks like this: 3 + 5 then php:
eval($var);
In first option we use Variable Variables
In second option we use eval to evaluate code in string.
This question already has answers here:
How to put multidimensional arrays double quoted strings?
(2 answers)
Closed 1 year ago.
I'm attempting to access a nested array element within a double quotes string, like this:
"$variable[first_index][second_index]";
This is throwing an Array to string conversion notice and halting my script.
Is there a correct syntax for accessing the data within a string in this manner, or do I need to set a temp variable to reference the required data, and then use THAT in the string?
Use this syntax:
$string = "Value is {$variable["first_index"]["second_index"]}";
It's called complex extended variable syntax and it's very useful. You can access fields of an object inside string in double quotes, as well as nested array.
This question already has answers here:
Should an array be declared before using it? [closed]
(7 answers)
Closed 7 years ago.
In most languages, I have to initialize an associative array before I can use it:
data = {}
data["foo"] = "bar"
But in PHP I can just do
data["foo"] = "bar"
Are there any repercussions to doing this? Is this "the right way" to write PHP?
Is the same, but is not a good idea, the next is a copy-paste from php documentation.
If $arr doesn't exist yet, it will be created, so this is also an alternative way to create an array. This practice is however discouraged because if $arr already contains some value (e.g. string from request variable) then this value will stay in the place and [] may actually stand for string access operator. It is always better to initialize variable by a direct assignment.
Basically it's the same, and no you won't find any problem or repercussion.
But if you like you can do this:
$a = array();
You can read more in the PHP page
This question already has answers here:
PHP curly brace syntax for member variable
(5 answers)
Closed 9 years ago.
http://www.php.net/manual/en/functions.variable-functions.php#24931
That function does something like $this->{$this->varname}(). I tried it out and confirmed that that's valid syntax but it leaves me wondering... where does php.net discuss the use of curly brackets in variable names like that?
Variable variables:
Class properties may also be accessed using variable property names. ...
Curly braces may also be used, to clearly delimit the property name.
See examples on that page, too.
Why shouldn't it work?
These are variable variables/function names.
$f = "time";
$f(); // returns the actual time
It's now the same, only in object context (http://php.net/manual/en/functions.variable-functions.php):
$object->$f; // calls the method with the name $f in $object
Now, to say that it is the method with the name $this->varname, you need to write $this->{$this->varname} as $this->$this->varname will be interpreted as ($this->$this)->varname which results in $this->{$this->__toString()}->varname what you don't want.
This question already has answers here:
How do I pass variables and data from PHP to JavaScript?
(19 answers)
Closed 8 years ago.
I'm trying to call a javascript function with one argument being a variable gotten from a drop box. This script works fine if only passed the value from the current drop box using "this.value", however when trying to pass the variable the code doesn't work. The variable is properly being populated from the value in the drop box when I use echo statements. I think the problem is with actually passing the variable to the javascript function. The function showSection(q, r) is never being called as the write statement is never executing. Any help would be appreciated. Here is my php and javascript code
echo "<select name=\"course\" onchange=\"showSection($q, this.value)\">";
If the $q or this.value are string values, you have to pass it within quotes.
echo "<select name='course' onchange='showSection(\"$q\", \"this.value\")'>";
You need to make sure inserting the value of $q doesn't produce javascript syntax errors. The reasonable way to do that is to use json_encode on the value.
After that you need to make sure both single and double quotes are escaped in that value, to keep the html correct. htmlspecialchars is used for that. In my opinion, converting both single and double quotes always (ENT_QUOTES) is the best choice.
And the end result is (I'm using heredoc syntax here, because I find it more readable):
$escaped = htmlspecialchars(json_encode($q), ENT_QUOTES);
echo <<<HTML
<select name="course" onchange="showSection($escaped, this.value);">
HTML;