Writing MySQL-Based Programs - MySQL

Database Reference

In-Depth Information

CREATE TABLE ` some table ` ( i INT );

CREATE TABLE "some table" ( i INT );

If it's necessary to know which identifier quoting characters are permitted, execute a

SELECT @@sql_mode statement to retrieve the SQL mode and check whether its value

includes ANSI_QUOTES .

If a quoting character appears within the identifier itself, double it when quoting the

identifier. For example, quote abc`def as `abc``def` .

Be aware that although string data values in MySQL normally can be quoted using either

single-quote or double-quote characters ( 'abc' , "abc" ), that is not true when AN

SI_QUOTES is enabled. In that case, MySQL interprets 'abc' as a string and "abc" as an

identifier, so you must use only single quotes for strings.

Within a program, you can use an identifier-quoting routine if your API provides one,

or write one yourself if not. Perl DBI has a quote_identifier() method that returns a

properly quoted identifier. For an API that has no such method, you can quote an

identifier by enclosing it within backticks and doubling any backticks that occur within

the identifier. Here's a PHP routine that does so:

function quote_identifier ( $ident )

{

return ( '`' . str_replace ( '`' , '``' , $ident ) . '`' );

}

Portability note: If you write your own identifier-quoting routines, remember that other

DBMSs may require different quoting conventions.

In contexts where identifiers are used as data values, handle them as such. If you select

information from the INFORMATION_SCHEMA metadata database, it's common to indicate

which rows to return by specifying database object names in the WHERE clause. For

example, this statement retrieves the column names for the profile table in the cook

book database:

SELECT COLUMN_NAME FROM INFORMATION_SCHEMA . COLUMNS

WHERE TABLE_SCHEMA = 'cookbook' AND TABLE_NAME = 'profile' ;

The database and table names are used here as data values, not as identifiers. Were you

to construct this statement within a program, parameterize them using placeholders,

not identifier quoting. For example, in Ruby, do this:

names = dbh . select_all ( "SELECT COLUMN_NAME

FROM INFORMATION_SCHEMA.COLUMNS

WHERE TABLE_SCHEMA = ? AND TABLE_NAME = ?" ,

db_name , tbl_name )

MySQL

Search WWH ::

Custom Search

Home