Milton Milton - 1 month ago 14
SQL Question

Trouble specifying my tablename inside query because of dot notation

I'm having trouble specifying my tablename inside the following query.

$sql = "INSERT INTO db269193_crud.posts (post_title,description)
VALUES ('" . $title . "','" . $description . "')";


The tablename is: db269193_crud.posts. I can't specify the table name as 'posts' because of my hostingprovider. They only allow me to specify it in conjunction with my databasename (which is db269193).

So the table name becomes: db269193(dot)posts. This dot however keeps lighting up in my editor as an incorrect syntax.

I need someone's help to tell me if I specified the table name correctly or if I have to use a variable to hide the dot notation like:

$tablename = 'db269193.crud';

$sql = "INSERT INTO $tablename (post_title,description)
VALUES ('" . $title . "','" . $description . "')";

Answer Source

You can put the entire name in backticks to escape it:

INSERT INTO `db269193_crud.posts` (post_title, description) 
  VALUES ('" . $title . "', '" . $description . "')

As for the rest of your statement, I would encourage you to use parameters instead of munging the query string. By putting random strings in the query, you are just inviting syntax errors and SQL injection attacks.