Milton Milton - 10 months ago 50
SQL Question

Trouble specifying my tablename inside query because of dot notation

I'm having trouble specifying my tablename inside the following query.

$sql = "INSERT INTO db269193_crud.posts (post_title,description)
VALUES ('" . $title . "','" . $description . "')";

The tablename is: db269193_crud.posts. I can't specify the table name as 'posts' because of my hostingprovider. They only allow me to specify it in conjunction with my databasename (which is db269193).

So the table name becomes: db269193(dot)posts. This dot however keeps lighting up in my editor as an incorrect syntax.

I need someone's help to tell me if I specified the table name correctly or if I have to use a variable to hide the dot notation like:

$tablename = 'db269193.crud';

$sql = "INSERT INTO $tablename (post_title,description)
VALUES ('" . $title . "','" . $description . "')";

Answer Source

You can put the entire name in backticks to escape it:

INSERT INTO `db269193_crud.posts` (post_title, description) 
  VALUES ('" . $title . "', '" . $description . "')

As for the rest of your statement, I would encourage you to use parameters instead of munging the query string. By putting random strings in the query, you are just inviting syntax errors and SQL injection attacks.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download