Posted by David Gillen on 05/04/07 11:17

john said:
> All:
>
> I'm a long-time developer, new to PHP....
>
> Is there an idiom used in PHP to construct SQL statments from $_POST
> data?
>
> I would guess that in many applications, the data read from $_POST are
> used to build SQL statements. Certainly, we can do the following:
>
> $email = $_POST['email']
> $sql = "insert ... values ('$email')..."
>
$sql = "INSERT .. values ('{$_POST['email']}')";

The braces around the variable will result in it being substituted correctly
for it's value. Not the most readable unfortunately.

But also if you have lots of post variables and don't want to do
$var1 = $_POST['var1'];
$var2 = $_POST['var2'];
etc
You can insert the following snippet
foreach($_POST as $key=>$val)
{
$$key = $val;
}
or single line
foreach($_POST as $key=>$val){$$key = $val;}

And now you can reference all the variable as $var1, $var2 etc. The $$ is
variable variable notation. So do that and then
$sql = "INSERT ... values ('$var1','$var2',...etc)";
Much more readable.

Hope that helps.

D.
--
Fermat was right.

• Next in forum: Re: Using SendMail in Forms w/PHP HTML
• Prev in forum: Re: Recursionalism
• Thread view: Re: $_POST and Building SQL Strings

[Reply to this message]