Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Jan 2013
    Posts
    68
    Thanks
    19
    Thanked 1 Time in 1 Post

    Confused By PHP/MySQL Syntax

    Can someone explain what the following bit of code does, or better yet, how it does it? I know it inserts values into a database but it's written in a way that I've never seen. By the way, I'm very new to PHP and MySQL.

    PHP Code:
    $insert "INSERT INTO attempts (`ip`, `when`) VALUES ( ?, ? )";
    $data = array($_SERVER['REMOTE_ADDR'], date("Y-m-d H:i:s"));
    $input $pdo->prepare($insert);
    $input->execute($data); 
    I don't understand the use of ` because I've always used ', and then the ?,? in the values field is strange too. Why not just write it as:

    PHP Code:
    $ip $_SERVER['REMOTE_ADDR'];
    $when date("Y-m-d H:i:s");
    $insert mysql_query("INSERT INTO attempts (ip, when) VALUES ('$ip', '$when')"); 
    I'm figuring there must be a reason for the first method...or not.

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    ' = for strings
    ` = for fields
    ' are required around any string data. Only use them for strings as MySQL's implicit datatype cast can be set to strict. ` are only required if the property name uses a reserved word or contains spaces (both are bad ideas and best avoided). The exceptions wich they allowed due to their popularity are: ACTION, BIT, DATE, ENUM, NO, TEXT, TIME, and TIMESTAMP, but as with any reserved words, these are best avoided.

    The first method is much better. It uses prepared statements instead of a standard SQL query. PDO is one option in PHP, there is also the MySQLi. In either choice, you do need to choose one or the other now since as of PHP 5.5, the MySQL library is now officially deprecated and will be removed (probably in 6 I'd guess).

  • Users who have thanked Fou-Lu for this post:

    cgdtalent (01-14-2013)

  • #3
    New Coder
    Join Date
    Jan 2013
    Posts
    68
    Thanks
    19
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Fou-Lu View Post
    ' = for strings
    ` = for fields
    ' are required around any string data. Only use them for strings as MySQL's implicit datatype cast can be set to strict. ` are only required if the property name uses a reserved word or contains spaces (both are bad ideas and best avoided). The exceptions wich they allowed due to their popularity are: ACTION, BIT, DATE, ENUM, NO, TEXT, TIME, and TIMESTAMP, but as with any reserved words, these are best avoided.

    The first method is much better. It uses prepared statements instead of a standard SQL query. PDO is one option in PHP, there is also the MySQLi. In either choice, you do need to choose one or the other now since as of PHP 5.5, the MySQL library is now officially deprecated and will be removed (probably in 6 I'd guess).
    I did some quick research on PDO and it seems at first glance that it requires more lines of code to do basic queries, but maybe I'm not seeing it right.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •