Using Table Names With Spaces in PHP and mySQL

Last Updated on Wednesday, 30 September 2009 21:24 Written by Nicholas Dunbar

the key to writting SQL queries using table names that contain spaces is to make sure you use the correct quotes.

This is wrong:

SELECT * FROM zoetropes ORDER BY '$name' ASC

 This is correct:

SELECT * FROM zoetropes ORDER BY `$name` ASC

 

Also it is a good idea to make sure there are no SQL special characters in the variable name. Use the following to make sure that this is not a problem:

 

//
//will escape special characters in the unescaped string, so that it is safe to place it in a mysql query
//
function returnDBEscaped($theData){
  // standardize the hard returns to single \n (ascii 10)
  $theData = preg_replace("/\r\n/","\n",$theData);
  $theData = (trim(addslashes($theData)));
  if (str_empty($theData)){
    return "";
  } else{
    return $theData;
  }
}

 

Comments (0)add comment

Write comment
quote
bold
italicize
underline
strike
url
image
quote
quote
smile
wink
laugh
grin
angry
sad
shocked
cool
tongue
kiss
cry
smaller | bigger

security image
Write the displayed characters


busy