why do I have to put single quotes around this variable?

[Anonymous]

I have had to put single quotes around $inputIdEncrypt in this line:

$Query = "SELECT * FROM $TableName WHERE idEncrypt='$inputIdEncrypt'";

Otherwise I get an error. Can anyone tell me why this is so?

 

[Anonymous]

It's allways very usefull to post the actual error-message.

What probably is going wrong is that $inputIdEncrypt has a space in it, without quotes the query mysql will not be able to determine what is what and what to do with it.

Greetz Daan

 

[Anonymous]

Here's the error message I get:

Warning: Supplied argument is not a valid MySQL result resource in /hsphere/local/home/zollerwa/zollerwagner.com/realistPtg/artCardPickup6.php on line 53

It prints the values for $Query, $Result, and $numRows as:
select Query: SELECT * FROM artCard WHERE idEncrypt=077040304932b6ea
Result:
numRows:

(yes, those last two are blank)

------------

the code was:
$Query = "SELECT * FROM $TableName WHERE idEncrypt=$inputIdEncrypt";
$Result = mysql_db_query($DBName, $Query, $Link);

$numRows = mysql_num_rows ($Result);

print ("select Query: $Query<br>Result: $Result<br>numRows: $numRows<br>mysql num rows(result): mysql_num_rows($Result)");

------------

Putting single quotes around $inputIdEncrypt fixes this. I'd like to understand why, if you can explain it.

Thanks!

 

[Anonymous]

Hmm. When you said $inputIdEncrypt has a space in it, did you mean that there might be a space at the end of the variable's value or a space in the variable name?

 

[Anonymous]

Your encrypt variable is a string, and not a number, that's why you need quotes around it!!

 

[Anonymous]

Jay's right ... again ... all values for fields of type CHAR, VARCHAR etc.. basically all non INT fields, have to be quoted even if the value exists only of INT (which are numbers).

 

[Anonymous]

Jay's right ... again ...

Thank you

all values for fields of type CHAR, VARCHAR etc.. basically all non INT fields, have to be quoted even if the value exists only of INT (which are numbers).

Actually, I'm not sure if that's completely true, will have to try that out later. The reason this needs to be quotes is because it's not an integer (note the b6ea on the end), hence it's a string.

 

[Anonymous]

Both of your thoughts on this helped. Thanks.

I've been searching for a specific answer to my question and think I've gotten a bit closer to it.

Paul Dubois in the book "MySQL" writes (p. 136):

...as a consequence of MySQL's comparison rules, a comparison involving a string and a number is evaluated as a comparison of two numbers."

At first that looked like the answer. But two values being compared should have both been converted to numbers, shouldn't they? In that case, at least one of the pairs should have matched. (This is because the first characters were numbers and one of the rows in the database would have the same numbers as the input variable.)

SO that didn't strike me as the answer, but it did make me wonder if my input variable and the data stored in the database were being considered different types of data. The database was storing VARCHARs. Maybe my input variable wasn't typed in a way that they could be compared?

It appears that without the quotes the input variable's value was interpreted as a number because the first characters are numeric. The letters that come after the numbers were ignored.

If I use the quotes, the value held in the variable is interpreted as a string. Thus, the entire value is used.

What I still don't get is why MySQL didn't interpret both values as numeric, as DuBois' sentence would say it should. If it did, then it would find matches because the numeric parts of at least one pair would match. Odd.

 

[Anonymous]

The first characters where numbers, so mysql thought it would be a numerical value. Then it encountered some non-numerical characters, mysql probably didn't get that and gave up.

Greetz Daan

 

[Anonymous]

I have had to put single quotes around $inputIdEncrypt in this line:

$Query = "SELECT * FROM $TableName WHERE idEncrypt='$inputIdEncrypt'";

Otherwise I get an error. Can anyone tell me why this is so?

I think your getting to theoretical here. What your query is actually saying is compare the value in the field idEncrypt to the value i specify. Because field idEncrypt is set to varchar and not to (one of the) INT (types) it treats both the fieldvalue and the variable value as strings when comparing... no other reason.

The book your quoting is talking about comparison between a string against a n integer field or comparison using other functions ... WHERE sum(X) > 3 ... and stuff like that.

Its important to keep in mind that not all numbers are automaticaly integers, i mean 'sting', 'string1234' and '1234' can be strings. Just because the last one is made up completely of numbers doesnt make it an integer. It becomes an integer when you specify it as an integer.
In PHP you don't have to declare your variables and variable types but in other languages you somtimes do.
in VB (Visual Basic) for example you do this

dim SomeString as String
dim SomeInteger as Int

SomeString = '1234'
Someinteger = 1234

The reason for this is that integers are represented by the first 128 (or something like that) numbers in ascii. Knowing if your dealing with an integer value gives you or the application some advantages, when comaring you only have to use 128 chracters instead of the full 256, you need less stroring space and probably more.

One more thing about quotes in strings. Always use the function addslashes on your query before sending it to your database, many a bugin my scripts was caused because i left it out.

 

[Anonymous]

The idea that the variable type needs to be clear is certainly a lot easier and more productive than where I was heading!
Thanks,
Art