I have a piece of code and i keep getting syntax errors for codes like thess :
$query ="SELECT * from `jos_menu` where `id` = ".'\".$parent.'\";
Now when i reformat it as :
$query ="SELECT * from `jos_menu` where `id` = ".$parent;
That is when i remove : '\" it works fine. So i am just wondering, what does ('\") actually do ???
The only problem with
$query ="SELECT * from `jos_menu` where `id` = ".'\".$parent.'\";
Is that you missed a few ':
$query ="SELECT * from `jos_menu` where `id` = ".'\"'.$parent.'\"';
In PHP, a string can either be:
$var = 'This is a string';
Or
$var = "This is a string";
If you want to put " inside a string that you already started with ", you need tell PHP that you don't want your second " to end the string but use the character " as part of the string itself. This is what \" does. It tells PHP that Don't give the " character any special meaning; since normally if you started the string with ", the next " would end the string.
\ means remove any "special" meaning to the next character
This only works if the character after the \ would have had special meaning. Some examples:
Suppose we want to print Hello "World". I am a string!:
$var = "Hello "World". I am a string!";
In this example we will have errors. Since we started the string with ", the next " will close the string. So what PHP thinks:
" Start of stringHello part of string variable." Hey, since I saw that the string was started with ", this must mean the end of it!World" <-- ErrorStop processing and throw errors.
However, if we write:
$var = "Hello \"World\". I am a string!";
Now, PHP thinks:
" Start of stringHello part of string variable\ Ah, okay, the next character I should remove any special meaning" Okay, this is immediately after \, so I just use it normally, as a ".World part of string\ Okay, the next character I will remove any special meaning" This is now a normal ". I am a string! - part of string variable." Ah! Since the string was started with ", this must be the ending.; ends statement.Hopefully this clarifies things for you.
\ is the escape character. It means the next character should be taken literally, without care for its special meaning.
In PHP, you would generally see '\" inside of a string if the string were delimited with double quotes (and the developer just wanted a preceding single quote).
It denotes escaped characters. The next character that appear after it, will be taken as its current form.
Your Query is incorrectly escaped
$query ="SELECT * from `jos_menu` where `id` = ".'\".$parent.'\";
//^ You mismatched the quotes from here
A correctly escaped query should be
$query ="SELECT * from `jos_menu` where `id` = \"$parent\"";
// ^ Note here " will printed as it is within the query
For example, If $parent was 2, then the query would be
SELECT * from `jos_menu` where `id` = "2"
It works fine because you have a numeric value - so mysql automatically converts a string to a number for you. So you get 2 different queries (assuming that $parent = 42;:
SELECT * from `jos_menu` where `id` = 42
vs
SELECT * from `jos_menu` where `id` = "42"
A few things:
'\'' // outputs a single '\t tab character etcThe back-slash escapes next charactor after it; in your example this would work:
$query = "SELECT * from jos_menu where id = ".$parent;
But so would this:
$query = "SELECT * from jos_menu where id = $parent";
When escaping quotations, it varies on the type of parenthesis used. With double parenthesis, you can include the variable right into the string, just be careful of accessing arrays by key:
$var = "This \"works\" ".$fine.".";
$var = "This 'also' works just $fine.";
$var = "This $will['fail'].";
$var = "However, $this[will] work and so ".$will['this'].".";
Same rules apply for single parenthesis.