-----Original Message-----
From: cyaugin [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 03, 2008 10:20 AM
To: [email protected]
Subject: [PHP] Complex escape string
I have this line of code:
$q = "This is the string that will go into the query:
{${mysql_real_escape_string($_GET['searchstring'])}}";
What happens then is the user supplies 'foo' as the search string, and I get
a debug notice "Undefined variable: foo". Why is it treating the value as an
identifier and how do I make it do what I actually want it to do? This is on
PHP5, latest release.
---------------
It looks to me like what is happening is this piece:
${mysql_real_escape_string($_GET['searchstring'])}
Gets collapsed to $foo when mysql_real_escape_string($_GET['searchstring'])
== 'foo'. ${'a'} will expand to $a. I think that your problem is that you
need to drop that '$' before the brace around the function call.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
