brackets

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
gautamz07
Forum Contributor
Posts: 331
Joined: Wed May 14, 2014 12:18 pm

brackets

Post by gautamz07 »

Code: Select all

function send_msg($sender , $message){

	if(!empty($sender) && !empty($message)){

		$sender = mysql_real_escape_string($sender);
		$message= mysql_real_escape_string($message);

		$query = "INSERT INTO  `chat`.`chat` VALUES (null , '{$sender}' , '$message')";    // Difficulty on THIS LINE !!!!

		if($run = mysql_query($query)){
			return true;
		}else{
			return false;
		}
	}
why is '{$sender}' given the curley brakets ????? and why is message not given the same brackets ?

also why is this function used ? i.e. mysql_real_escape_string , i know what it does , but is it to prevent SQL injection.
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: brackets

Post by requinix »

{}s are just another way of putting variables into strings. These are all equivalent:

Code: Select all

"abc " . $variable . " 123"
"abc $variable 123"
"abc {$variable} 123"
"abc ${variable} 123"
There are slight differences, especially when it comes to arrays, so best practice is to use the {$variable} syntax.

As for mysql_real_escape_string(), if you know what it does then I'm not sure why you're asking what it does. Yes, it helps you prevent SQL injection when you are not using prepared statements.
User avatar
gautamz07
Forum Contributor
Posts: 331
Joined: Wed May 14, 2014 12:18 pm

Re: brackets

Post by gautamz07 »

Thank you !
Post Reply