PHP : Using a variable to hold a table name, and using that variable in queries

Question

I am currently learning PHP, and I'm working on a Registration Form. Somewhere in my code I have these statements

$query = "SELECT `stud_no` FROM `tb_registered_users` WHERE `stud_no`='$studno'";

and

$query = "INSERT INTO `tb_registered_users`
VALUES ('".$studno."','".$firstname."','".$lastname."')";

but instead I want to declare this variable and use it in the queries mentioned above

$mysql_tb = 'tb_registered_users';

So what is the correct syntax for this?

score 11 · Accepted Answer · answered Dec 01 '12 at 05:26

11

$query = "INSERT INTO `" . $mysql_tb . "`
VALUES ('".$studno."','".$firstname."','".$lastname."')";

answered Dec 01 '12 at 05:26

nickb

59,313
13
108
143

score 10 · Answer 2 · answered Dec 01 '12 at 05:31

10

<?php
$mysql_tb = 'tb_registered_users';
$query = "SELECT `stud_no` FROM `{$mysql_tb}` WHERE `stud_no`='$studno'";
$query = "INSERT INTO `{$mysql_tb}` VALUES ('".$studno."','".$firstname."','".$lastname."')";

answered Dec 01 '12 at 05:31

Yueyu

171
1
6

this curly bracket syntax changed my life, didn't know that was possible thank you! – Thomas May 14 '14 at 17:51
@Yueyu could you please explain what is the work of curly bracket – Sooraj Abbasi Nov 09 '17 at 16:31

score 1 · Answer 3 · answered Dec 01 '12 at 05:26

1

$mysql_tb = 'tb_registered_users';

$query = "SELECT `stud_no` FROM `".$mysql_tb."` WHERE `stud_no`='$studno'";

answered Dec 01 '12 at 05:26

Elijan

1,406
1
8
11

score 1 · Answer 4 · answered Dec 01 '12 at 05:27

You can just do it as

$query = "SELECT `stud_no` FROM " . $mysql_tb . " WHERE `stud_no`='$studno'";

but I would recommend looking into PDO ( http://www.php.net/manual/en/book.pdo.php && http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/).

score 1 · Answer 5 · answered Dec 01 '12 at 05:30

$query = "SELECT `stud_no` FROM `".$mysql_tb."` WHERE `stud_no`='$studno'";

and

$query = "INSERT INTO `".$mysql_tb."` VALUES ('".$studno."','".$firstname."','".$lastname."')";

You may also want to look into using something like PDO which will allow you to use named parameters and avoid SQL injections.

score 1 · Answer 6 · answered Jan 11 '18 at 20:51

1

Also worked for me if using double quotes:

$newDataInput = "INSERT INTO $mysql_tb (Date,Time) VALUES ('$date','$time')";

answered Jan 11 '18 at 20:51

aheit123456

17
3

score 1 · Answer 7 · answered Aug 26 '19 at 10:52

BTW you can also use sprintf function to do the same thing as show below

(PHP 4, PHP 5, PHP 7) sprintf — Return a formatted string

$mysql_tb = 'tb_registered_users';
$query1 = sprintf("SELECT `stud_no` FROM `%s` WHERE `stud_no`='$studno'",$mysql_tb);
$query2 = sprintf("INSERT INTO `%s` VALUES ('".$studno."','".$firstname."','".$lastname."')",$mysql_tb);

Just put %s in place where you want to replace the value and then use second parameter as variable as shown in here. It works as same as function in c language and c++. You can replace multiple values also with multiple parameters. Here is php manual help

https://www.php.net/manual/en/function.sprintf.php Hope that helps

PHP : Using a variable to hold a table name, and using that variable in queries

7 Answers7

Linked

Related