-----Original Message----- From: cyaugin [mailto:cyaugin@xxxxxxxxx] Sent: Saturday, May 03, 2008 10:20 AM To: php-general@xxxxxxxxxxxxx Subject: Complex escape string I have this line of code: $q = "This is the string that will go into the query: {${mysql_real_escape_string($_GET['searchstring'])}}"; What happens then is the user supplies 'foo' as the search string, and I get a debug notice "Undefined variable: foo". Why is it treating the value as an identifier and how do I make it do what I actually want it to do? This is on PHP5, latest release. --------------- It looks to me like what is happening is this piece: ${mysql_real_escape_string($_GET['searchstring'])} Gets collapsed to $foo when mysql_real_escape_string($_GET['searchstring']) == 'foo'. ${'a'} will expand to $a. I think that your problem is that you need to drop that '$' before the brace around the function call. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
