Posted by Michael Fesser on 07/13/07 22:40
..oO(Markus)
>Additionally, if you want to be safe, you can just concatenate the string:
>$sql = "SELECT * FROM foo WHERE bar='".$_SESSION['bar']."'";
Sure, but IMHO this kind of defeats the purpose of double-quoted strings
in PHP. When I see something like
print "text ".$var." more text ".$anotherVar." and so on";
or even worse
print "<a href=\"".$url."\">".$text."</a>";
then I'm getting...what's that in English - goose bumps (de: Gänsehaut)?
It's just terrible and hurts the eye of an experienced programmer. Not
to mention that jumping in and out of string parsing and mixing it with
escaping and different quote signs is very error-prone.
Micha