Good evening to everyone,
Sorry if my question apperes sily but I'm pazzled by my very trivial problem
In one of the pages of my project I can't concatenate a string containing ' signs
this string can't be concatenated:
$stidR = "INSERT INTO rec_ret_info VALUES('".$rrcode."', ".$modnum.", '".$sdate."', '".$venue."', ".$fac.", ".$date.", ".$sem.")";
but this can:
$stidR = "INSERT INTO rec_ret_info VALUES(".$rrcode.", ".$modnum.", ".$sdate.", ".$venue.", ".$fac.", ".$date.", ".$sem.")";
Apparently if I remove ' signs it works. But i really need them. I really don't know where is the problem. Would be gratefull if you can point me on it.
Can you use a prepared statement to bind a variable?
Connection to Oracle with PDO - More information!
Update
PDO Prepared Statement as an example. The only thing you need to change is the query structure if Oracle is different to MySql in that regard. The binding of variables and the execution will work the same :)
$queryString= "INSERT INTO tablename (ColumnName1,ColumnName2,ColumnName3,ColumnName4,ColumnName5,ColumnName6,ColumnName7) VALUES (?,?,?,?,?,?,?)";
$query = $db->prepare($queryString);
$query->bindValue(1, $variable1, PDO::PARAM_STR);
$query->bindValue(2, $variable2, PDO::PARAM_STR);
$query->bindValue(3, $variable3, PDO::PARAM_STR);
$query->bindValue(4, $variable4, PDO::PARAM_STR);
$query->bindValue(5, $variable5, PDO::PARAM_STR);
$query->bindValue(6, $variable6, PDO::PARAM_STR);
$query->bindValue(7, $variable7, PDO::PARAM_STR);
$query->execute();
simply make echo of your statement like echo $stidR ; and check the resulting sql, and see what you are doing wrong