On Mon, 2005-03-21 at 20:41 -0700, Patrick Fleming, EA wrote:
>
> Craig White wrote:
> > I have a problem with quoting strings
> >
> > My problem is with php/mysql but I would venture to guess that this
> > issue is almost across the board problem and not specific to this pair.
> >
> > My string...
> > (php)
> > $my_search = "SELECT * from horde_datatree WHERE user_uid = \"$user\" \
> > AND (group_uid = 'horde.shares.kronolith' OR group_uid = \
> > 'horde.shares.nag' OR gr\oup_uid = 'horde.shares.imp' OR group_uid = \
> > 'horde.shares.turba' OR group_uid = 'horde.shares.mnemo')";
> >
>
>
> $my_search ="SELECT * from horde_datatree where user_uid = '$user' AND
> <snip>
----
of course putting single quotes around $user means that the variable
won't expand - but the option here is to pass the $user variable through
the post and expand it there I guess.
----
>
> > which results in (an example - variable expanded)
> >
> > SELECT * from horde_datatree WHERE user_uid = "jennifer" AND (group_uid
> > = 'horde.shares.kronolith' OR group_uid = 'horde.shares.nag' OR
> > group_uid = 'horde.shares.imp' OR group_uid = 'horde.shares.turba' OR
> > group_uid = 'horde.shares.mnemo')
> >
> > now I need to pass this string (along with other things) in an html POST
> > operation...
> >
> > echo "<input type='hidden' name='search_string' \
> > value=\"$search_string\">";
>
> echo "<input type=\"hidden\" name=\"search_string" \
> value=\"$search_string\">";
>
> Not sure if it matters but I see that you are mixing quotation marks.
> I did notice that you are using $my_search above and $search_string here.
----
yeah sorry - I clipped it from the last revision where I changed it and
the next line - which I didn't include, set the value of $search_string
to equal $my_search
As for mixing quotes...my preference is to generally use the single
quote to quote a long string and double quotes for inside strings. Of
course any variables inside of a single quote string won't expand and
that isn't always possible - which is why they are done the opposite way
as you've noted in the above. I am gonna try out escaping all double
quotes as you have done though - it would be better if I could escape
single quotes (it would probably solve my problem) - but that doesn't
work (perhaps it is a php problem).
----
>
> I guess one other question that I might have is why are you passing the
> whole query instead of just the user_uid string?
> That way you check to see if user_uid is set, and if so load it into the
> query.
----
OK - well - I think that is a corollary to the issue that Ted raised but
I can tell you my answer - I'm looking for simplicity...
I have a number of different choices on this page which is going to post
to another php file. This page lists all of the found attributes (from a
mysql db) and displays a checkbox on each row. There is a pop-up list
(Select in html form) and several buttons to give an action.
If I can pass the search string (which will be different each time), the
value of the check boxes, the value of the pop-up list and the value of
the action button, this will post to a php file/program which will re-
run the search, populate arrays row by row but only where the value
matches the array of numbers from the checkbox, and either
(update/select into the table the value passed from the select box) or
(delete the records from the table).
Thus if I could pass the entire search string, I don't have to redo all
of the same code in the target file that builds the search string that I
have in the source file.
I know it's convoluted and I thought that I wouldn't bother everyone
with all of these details.
Craig
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)