Re: why use {} around vraiable?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 2008-03-20 at 09:22 -0700, Lamp Lists wrote:
> hi,
> I saw several times that some people use this
>  
> $parameters = array(
>   'param1' => "{$_POST["param1"]}",
>   'param2' => "{$_POST["param2"]}"
>  );

Ignorance.

> or
> 
>  $query = mysql_query("SELECT * FROM table1 WHERE id='{$session_id}'");

Ignorance/Habit since you only need to do that if the context of the
variable is ambiguous... for instance:

   $something = "Something blah $blehblah blah blah".

When what was really wanted was:

   $something = "Something blah {$bleh}blah blah blah".

One would hope that in the example you provided the developer properly
escaped $session_id.

> I would use:
> 
> $parameters = array(
>   'param1' => $_POST["param1"],
>   'param2' => $_POST["param2"]
>  );

I sure would too (although I'd use single quotes for the array indices).
I'd also append a dangling , to that last array entry to make it
simplistic to add another entry and never worry about having to add a ,
to the previous entry. The following is perfectly legal in PHP and is an
intentional feature:

$parameters = array
(
    'param1' => $_POST['param1'],
    'param2' => $_POST['param2'],
);
 
>  and
> 
>  $query = mysql_query("SELECT * FROM table1 WHERE id=' ".$session_id."
> ' ");

That's broken unless you're relying on a MySQL type conversion trick to
match the session ID since you've prepended and appended the id match
with spaced. You probably meant to type:

    "SELECT * FROM table1 WHERE id='".$session_id."' "

In that case, I normally do similar for queries, except mine look more
like:

    "SELECT * FROM table1 WHERE id=".$db->quote( $session_id )." "

Where the quote() method performs both the quoting and the escaping.

> does it really matter? is there really difference or these are just two "styles"?

It matters greatly if it's incorrect :) Otherwise it matters less so but
one is more efficient than the other. There's absolutely no reason to
interpolate a value if the value is the variable's value itself.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux