Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Senior Coder
    Join Date
    May 2006
    Posts
    1,673
    Thanks
    28
    Thanked 4 Times in 4 Posts

    Haven't they overdone the quote in this sql update ?

    Hi,

    I am modifying a script.

    At present it looks like this:

    PHP Code:
    $strQuery "insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,itemnumber,itemname,os0,on0,os1,on1,quantity,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) 
         values 
         ('"
    .$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$item_number."','".$item_name."','".$option_name1."','".$option_selection1."','".$option_name2."','".$option_selection2."','".$quantity."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."')";
         
    $result mysql_query($strQuery) or die("Default - paypal_payment_info, Query failed:"mysql_error()); 
    Is there any need for those ". and ."
    in this '".$payment_status."','".$payer_email."' ?

    I usually just write ('$payment_status', ...
    isn't that enough ?

    I don't want to re-write this (simplify it ) if there is
    a valid reason for the extra code, but if not I'd rather make it easier on the eye.

    Any thoughts ?

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Ehhhh sorta. I would agree with the breaking of variables out, mainly because I don't agree with PHP's handling of parsable strings. For that reason, I tend to stay with single quotations and use escaping.
    I'm a print formatter though, so more often you would see me using something more along this lines:
    PHP Code:
    $sQry sprintf('SELECT * FROM %s WHERE %s = \'%s\'''myTable''myField'$myField); 
    Which actuallly worked out pretty good with the new mysqli extension replacement for the binding.

    The problem with the one that you have is that there is no optimization gain at this point. The original use of double quotations will slow down the processing (since it assumes there may be variables that need expansion), so breaking out I would suspect would slow it down even more; however, at the same time with a colour mark-up it is very readable since I can identify every variable in use.

    This would probably be the fastest next to the sprintf:
    PHP Code:
    $strQuery 'insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,itemnumber,itemname,os0,on0,os1,on1,quantity,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) 
         values 
         (\''
    .$payment_status.'\',\''.$payer_email.'\',\''.$first_name.'\',\''.$last_name.'\',\''.$address_street.'\',\''.$address_city.'\',\''.$address_state.'\',\''.$address_zip.'\',\''.$address_country.'\',\''.$mc_gross.'\',\''.$mc_fee.'\',\''.$item_number.'\',\''.$item_name.'\',\''.$option_name1.'\',\''.$option_selection1.'\',\''.$option_name2.'\',\''.$option_selection2.'\',\''.$quantity.'\',\''.$memo.'\',\''.$payment_type.'\',\''.$payment_date.'\',\''.$txn_id.'\',\''.$pending_reason.'\',\''.$reason_code.'\',\''.$tax.'\',\''.$fecha.'\')'
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    Senior Coder
    Join Date
    May 2006
    Posts
    1,673
    Thanks
    28
    Thanked 4 Times in 4 Posts
    WOW - I did not realise it was that complicated!

    So is this version going to be very slow ?

    $Query = "insert into somewhere (status, buyer, firstname,)
    VALUES ('$Db_status', '$Db_payer', '$Db_first_name')";

    This is what I usually use as it is easy for me to read and I get less
    errors to de-bug.

    If I wrote it withall those .'\', I am sure that I would write more errors and spend more time de-bugging.

    Does it really slow down the processor a lot to do it the way I do it ?

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    No, not enough to substantiate a change in you're programming practice.
    I've always written my code like this so its not a problem for me. The double quotation variable expansion is a feature of PHP, and is optimized fairly well considering what it does. It is slower yes, but this is coming into the nitpick details like comparing the speed of using:
    PHP Code:
    for ($i 0$i $count$i++) 
    versus
    PHP Code:
    for ($i 0$i $count; ++$i
    where the latter is faster and better on memory since preincrements don't require temporary variables. They will both complete in a reasonable time (assuming the loops are well controlled), but the pre-increment will complete in a more reasonable amount of time.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    jeddi (06-17-2009)

  • #5
    Senior Coder
    Join Date
    May 2006
    Posts
    1,673
    Thanks
    28
    Thanked 4 Times in 4 Posts
    Thanks for this:

    No, not enough to substantiate a change in you're programming practice.
    It is easy for some experts to go on about these nitpikky things and make guys like me feel that we have done it all wrong.

    So I appreciate your honesty and practical answer


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •