Problem with quotation marks when doing INSERT SQL

5

I'm doing a CRUD with PDO, but the prepare () method query only works with "double quotes"

Ex (this works):

"INSERT INTO '_user' ('firstname') VALUES ('blabla')"

That's not how it works:

"INSERT INTO '_user' ('firstname') VALUES ('blabla')"

Is this a problem with encoding or something?

    
asked by anonymous 15.09.2014 / 20:39

2 answers

12

Single quotes should only be used in values. Therefore they are ok in VALUES ('blabla') . Already in table names, columns and aliases , either you do not use anything, or use the backticks ' . These backticks are only required if the name of your table, column, or alias matches some reserved term in MySQL. So in your second query, this part:

INSERT INTO '_user' ('firstname')

has syntax errors. The simplest correct query would look like this (already in a string):

"INSERT INTO _user (firstname) VALUES ('blabla')"

Example of use that the backtick requires, if you had an INT type column named "order" (which is reserved word):

"INSERT INTO _user (firstname, 'order') VALUES ('blabla', 1)"

It's easy to remember that it's always good to avoid using reserved words such as database name, table, column, alias, index, function, procedure, etc.     

15.09.2014 / 21:03
4

Backticks , or crase, or "double quotes", are part of the MySQL identifier pattern (I'm not sure if it's the sql language itself or the SGDB). You can read more about this at MySql documentation

    
15.09.2014 / 21:06