PHP query structure

Question

I am trying to learn object oriented mysqli and I have a (pretty basic I'm sure) question. I am following the guide here

When it comes to writing queries, what's the difference (if any) between the following queries;

First

$sql = <<<SQL
    SELECT *
    FROM `users`
    WHERE `live` = 1 
SQL;

Second

$sql = ("SELECT * FROM users WHERE live = 1");

I would like to start as I mean to go on so any advice is appreciated.

You should start off with PDO/mysqlnd.... mysqli is all but deprecated. — winmutt, Jul 02 '15 at 16:04
@winmutt Uhm, mysqli is not deprecated. [ext/mysql is](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) — Machavity, Jul 02 '15 at 16:05
PDO's named placeholders make it a lot more friendly to use and variable binding is way easier because of it. — tadman, Jul 02 '15 at 16:06
@PatrickMurphy That's like saying you should use Python because PHP is all but deprecated. It's misleading at best and dishonest at worst. mysqli is here to stay. — Machavity, Jul 02 '15 at 16:07
I wasn't agreeing with him just clarifying he didn't claim it was deprecated. — Patrick Murphy, Jul 02 '15 at 16:12

Miguel Mesquita Alfaiate · Accepted Answer · 2016-07-04T15:16:45.307

4

The first is heredoc syntax: heredoc

They both serve the same purpose. Using heredoc makes it easier to mix static text with variables without having to worry about string concatenation or using {$variable} to have variables inside strings.

Using heredoc also allows multilining your queries for easier reading in a cleaner way.

Disclaimer: I don't use heredoc extensively, but for lengthy queries it makes it easier to break down in lines and read them :)

edited Jul 04 '16 at 15:16

answered Jul 02 '15 at 16:03

Miguel Mesquita Alfaiate

2,851
5
30
56

Thanks @BlunT I've actually never heard of this but I'm reading about it now. I'm not sure which one I will decide to go with but at least my question is answered! – jonboy Jul 02 '15 at 16:05
You can use multiple lines with double quotes too. – Dave Chen Jul 02 '15 at 16:07
@DaveChen you're right, it just seems cleaner with heredoc :) – Miguel Mesquita Alfaiate Jul 02 '15 at 16:08

score 0 · Answer 2 · edited May 23 '17 at 12:08

I would advocate concatenation instead.

$sql = 'SELECT * FROM table WHERE ID = ' . (int)$somevar . ' LIMIT 1';

Or you can skip the concatenation in SQL and use a prepared statement instead.

$sql = 'SELECT * FROM table WHERE ID = ? LIMIT 1';

Heredoc does allow inlining but it's also MUCH stricter on rules and sometimes creates strange problems in coding, especially when you want to indent code (the closing string has to be on a line by itself with no indenting). Consider that it is considered a best practice that you indent code when you have code inside a block statement

// Syntax error
if($something) {
    $sql = <<<SQL
        SELECT *
        FROM `users`
        WHERE `live` = 1 
    SQL;
}

I know of no major open source PHP that makes extensive use of heredoc. Most write standard strings and either escape the data or use prepared statements

I mentined concatenation as means to building dynamic queries, not for concatenating parameters. But I totally hate that . notation . I like this better: `$var = "SELECT * FROM {$mytable}";` — Miguel Mesquita Alfaiate, Jul 02 '15 at 16:25

PHP query structure

2 Answers2