why do you use {} around variables in following sql statement?
SELECT
FROM users
WHERE username = '{$_POST['user']}'
views:
105answers:
2
+5
A:
I presume you are using SQL from within PHP language.
This syntax with {} is used to interpolate array elements embedded in quoted string.
For example, composing the following string:
"Good morning {$_POST['user']} !"
will compile output with the value of variable (array element) dereferenced, for instance:
"Good morning noname !"
SQL queries in PHP are composed from strings, so this {} syntax is used fairly often.
Reference: Variable parsing - complex syntax PHP4+
p.s. It's always a good idea to provide as many details as possible in your question.
mloskot
2010-01-28 01:11:21
but cant u just type echo "Good morning $_POST['user'] !". i think i have tried that before.
weng
2010-01-28 01:13:50
Yes, you can NOT do that. That's why the extra {} are required. Check the Variable parsing section in the reference I linked from my answer. You will find explanation of so called complex syntax with some examples. Simply, use braces to eliminate any potential ambiguity during parsing variables embedded in strings.
mloskot
2010-01-28 01:52:22
+1 for psychic powers.
Dour High Arch
2010-01-28 02:27:43
you can with the double quotes, but not with the single quotes.
Bingy
2010-01-28 03:17:38
+1
A:
you can with the double quotes, but not with the single quotes. the question uses single quotes, so i am not so sure it is in PHP. (mabee it was misstyped for the question)
so
if $_POST['user'] = "fred";
"Good morning {$_POST['user']} !"
translates as Good morning fred !
but
'Good morning {$_POST['user']} !'
translates as Good morning {$_POST['user']} !
Bingy
2010-01-28 03:20:05