Here is some sample code:

$query = "INSERT INTO $table SET category = '".$_POST['new_dish_category']."', name_of_dish = '".$_POST["new_dish_name"]."', discription = '".$_POST["new_dish_discription"]."', weight = '".$_POST["new_dish_weight"]."', price = '".$_POST["new_dish_price"]."'"; 

Question: why are the quotes arranged this way? I just can't understand it. The first double quote is still clear, and the single quotes are for SQL, but then what is the concatenation for? After all, variables can be put into a string just like that, as in "tru-la-la $my la la la". Please explain in more detail.

  • Hello, SQL injection. - Alex
  • And the quotes are needed because in the SQL query the value of the variable must be in quotes. In addition, table and column names should be in backticks, but that is not mandatory. - Alex
  • Most likely, double quotes are used so that single quotes can be used inside them for the values without escaping; concatenation is most likely used because the author either did not know how to put an array element with an index inside double quotes, or used concatenation for clarity. But given that double quotes are used even for the array indices, the author simply loves double quotes and there is no point trying to understand the logic. Such queries are better rewritten using placeholders. - fens
  • In your "tru-la-la $my la-la-la" you have to write the variable by hand. The IDE does not highlight it for autocompletion. Write it wrong and hello errors that the devil knows where to look for. And the stupid mistakes will be that instead of $my you wrote $ny...... Whereas this way the variable and the string are seen separately and autocompletion works. It looks scary, but nonetheless.... Although all these strings can be written in different ways, for example via sprintf, and then it is prettier........ but in general prepared statements have been used in queries for a long time now... So what is hard to get in modern times - Alexey Shimansky
  • If it is not difficult for you, could you show in this example how it would be more correct (more modern) to write it? @Alexey Shimansky - Sky_UA

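The "more modern" form asked for in the last comment, as an added example that is not from the original question or any of the commenters. It puts the concatenated query from the question next to the same INSERT written with PDO prepared statements. Assumptions made here: an in-memory SQLite database (so the script runs offline without MySQL), a table named "dishes" with the columns from the question, the MySQL-only "INSERT ... SET" form rewritten as standard "INSERT ... (cols) VALUES (...)", which SQLite accepts, and hypothetical helper names insert_dish_concatenated() and insert_dish_prepared(). The $post array is constructed sample input standing in for $_POST.

```php
<?php
// Added example, not code from the original question or its commenters.
// Assumes an in-memory SQLite database and a "dishes" table with the
// question's columns; the MySQL "INSERT ... SET" form is rewritten as
// "INSERT ... (cols) VALUES (...)" so that SQLite accepts it.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE dishes (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    category TEXT, name_of_dish TEXT, discription TEXT, weight TEXT, price TEXT)');

// A table name cannot be bound as a parameter, so the only safe way to take
// it from a variable is to check it against a fixed allow-list.
const ALLOWED_TABLES = ['dishes'];

// 1. The style from the question: values glued into the SQL text. Concatenation
//    ("..." . $x . "...") and interpolation ("... {$x} ...") build exactly the
//    same string; the single quotes are there because SQL string literals must
//    be quoted. Any apostrophe in the data therefore ends the literal early and
//    the rest of the data is parsed as SQL.
function insert_dish_concatenated(PDO $pdo, string $table, array $post): void {
    $query = "INSERT INTO $table (category, name_of_dish, discription, weight, price) VALUES ('"
        . $post['new_dish_category'] . "', '"
        . $post['new_dish_name'] . "', '"
        . $post['new_dish_discription'] . "', '"
        . $post['new_dish_weight'] . "', '"
        . $post['new_dish_price'] . "')";
    $pdo->exec($query);
}

// 2. The prepared-statement form: the SQL skeleton is sent with placeholders
//    and the values are bound separately, so the database never parses the
//    data as SQL and no quoting or escaping of the values is needed.
function insert_dish_prepared(PDO $pdo, string $table, array $post): int {
    if (!in_array($table, ALLOWED_TABLES, true)) {
        throw new InvalidArgumentException("unknown table: $table");
    }
    $stmt = $pdo->prepare(
        "INSERT INTO $table (category, name_of_dish, discription, weight, price)
         VALUES (:category, :name, :discription, :weight, :price)"
    );
    $stmt->execute([
        ':category'    => $post['new_dish_category'],
        ':name'        => $post['new_dish_name'],
        ':discription' => $post['new_dish_discription'],
        ':weight'      => $post['new_dish_weight'],
        ':price'       => $post['new_dish_price'],
    ]);
    return (int) $pdo->lastInsertId();
}

// Constructed sample input standing in for $_POST. The apostrophe in the name
// is ordinary data ("Chef's"), yet it is enough to break the concatenated query.
$post = [
    'new_dish_category'    => 'soup',
    'new_dish_name'        => "Chef's borscht",
    'new_dish_discription' => 'beetroot soup',
    'new_dish_weight'      => '300',
    'new_dish_price'       => '4.50',
];

try {
    insert_dish_concatenated($pdo, 'dishes', $post);
} catch (PDOException $e) {
    // SQLite reports a syntax error near "s": the quote in the data ended the literal.
    echo "concatenated query failed: " . $e->getMessage() . PHP_EOL;
}

$id   = insert_dish_prepared($pdo, 'dishes', $post);
$stmt = $pdo->prepare('SELECT name_of_dish FROM dishes WHERE id = ?');
$stmt->execute([$id]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
// The apostrophe is stored verbatim because it was never part of the SQL text.
echo "prepared query stored: " . $row['name_of_dish'] . PHP_EOL;
```

Run it with the PHP CLI (`php example.php`) with the pdo_sqlite extension enabled. The point of the layout is the one the commenters make: quotes and concatenation are only needed because the values are being pasted into the SQL text, and once the values travel separately through execute() the question of how to quote them disappears. The table name is the one part that still has to be interpolated, which is why it is checked against ALLOWED_TABLES rather than taken from the request as-is.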