php - SQL QUESTION - Difference between using special characters with '' or with "" in a query in PHP
问题描述
In this php function I'm doing a query to tables that the name contain special characters like $
so in php If I use ""
in the query the application thinks that the table name is a variable so it returns Variable not found
.
Exemple 1:
$SQL = "SELECT COUNT(*)
FROM [table_name$1]
left join [table_name$2] as d on [Code] = d.[Code]
where d.[Dimension Code] = 'NAT'
and [Request Code] not like 'AC%'";
But if I use ''
in the query he thinks that everything inside ""
is a column so it returns Invalide column Name
in this case NAT
Exemple 2:
$SQL = 'SELECT COUNT(*)
FROM [table_name$1]
left join [table_name$2] as d on [Code] = d.[Code]
where d.[Dimension Code] = "NATUREZA FUNC"
and [Request Code] not like "AC%"';
Best way to escape this problem?
I now you can use mysql_real_escape_string
to escape them but there´s a lot of tables. I would like to now if it exists a more efficient way
解决方案
That is a really unclear database naming convention. Have you tried to use backticks ( ` ) to surround table references. See: When to use single quotes, double quotes, and backticks in MySQL
Also using prepared statements might be a better option.
推荐阅读
- c++ - 在另一个类中调用一个类的实例作为不同cpp文件的参数输入
- ajax - 修改 Wordpress 插件?
- javascript - 异步函数触发两次 - angular firestore
- jquery - jQuery查找所有以m开头的元素并找到m的下一个增加值?
- octave - 为什么我为吴恩达写的课程不被接受?
- ember.js - Ember 使用本地 JSON 文件而不是教程中提供的 Mirage
- merge - Yii2:如何将关系合并为一个
- ruby-on-rails - 如何从一对多关系切换到一对一关系
- c# - 带有 LostFocus 触发器的元素上的显式 UpdateSource
- java - 实现智能井字游戏对手