In this php function I'm doing a query to tables that the name contain special characters like $
so in php If I use ""
in the query the application thinks that the table name is a variable so it returns Variable not found
.
Exemple 1:
$SQL = "SELECT COUNT(*)
FROM [table_name$1]
left join [table_name$2] as d on [Code] = d.[Code]
where d.[Dimension Code] = 'NAT'
and [Request Code] not like 'AC%'";
But if I use ''
in the query he thinks that everything inside ""
is a column so it returns Invalide column Name
in this case NAT
Exemple 2:
$SQL = 'SELECT COUNT(*)
FROM [table_name$1]
left join [table_name$2] as d on [Code] = d.[Code]
where d.[Dimension Code] = "NATUREZA FUNC"
and [Request Code] not like "AC%"';
Best way to escape this problem?
I now you can use mysql_real_escape_string
to escape them but there′s a lot of tables. I would like to now if it exists a more efficient way
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…