Does it matter how to code query?

marxx · 03-20-2008, 10:44 AM

I've seen couble ways ppl to code query but now I just have to ask it from here.

Below is three examples and question is: Does it really matter how to do it?

example 1:

Code:

$query = "SELECT * FROM ´mytable´ WHERE slogan = 'kicksass'";
$do_it = mysql_query($query) or die(mysql_error());

$showme = mysql_fetch_array($do_it);

example 2:

Code:

$query = mysql_query("SELECT * FROM ´mytable´ WHERE slogan = 'kicksass'") or die(mysql_error());

$showme = mysql_fetch_array($query);

example 3: (my fav because can do it in one line)

Code:

$showme = mysql_fetch_array(mysql_query("SELECT * FROM ´mytable´ WHERE slogan = 'kickass'")) or die(mysql_error());

Thanks for all.. =)

freenity · 03-20-2008, 01:13 PM

I guess there is no difference.
I use the example 2 method.

But sometimes you need to use example 1 method, for example if you have lets say a news.php file and the sections are defined by ?s var.

you have news.php?s=1 ; news.php?s=2, etc

so to select the section a possibility is using a switch, assign to a var say $query the query.
case1: $query = "select * from science";
case2: $query = "select * from sports"; ,etc

and then you just do:
mysql_query($query);

So it depends on what are you using it for.

The example 3 just make a die() (exit and prints an error msg.)
Might be fine using it in a small script, but in bigger sites it's better make a custom error handler.

wGEric · 03-20-2008, 11:32 PM

Doesn't matter how you do it. How you do it is personal preference and your coding style.

maZtah · 03-22-2008, 04:41 PM

Quote:

Originally Posted by freenity

you have news.php?s=1 ; news.php?s=2, etc

so to select the section a possibility is using a switch, assign to a var say $query the query.
case1: $query = "select * from science";
case2: $query = "select * from sports"; ,etc

and then you just do:
mysql_query($query);

A better way would be:

PHP Code:


			
// It's not about the sprintf, just about $szSection

$szQuery = sprintf("SELECT * FROM %s", $szSection);

$pResult = mysql_query($szQuery);

This way you're not repeating peaces of code.

Anyways, ontopic:
I prefer the way I did the query above. This way, if a query is not working you can just do:

PHP Code:


			
$szQuery = sprintf("SELECT * FROM %s", $szSection);

echo $szQuery;

exit();

$pResult = mysql_query($szQuery);

And see what's wrong with the query!

:)

Gareth · 03-20-2008, 11:51 PM

Make sure you keep what ever you do consistent...

Aaron · 03-21-2008, 05:38 AM

People code things different ways because they like the syntax. Aside from that it all about the least amount of typing. Example one is Copy and Paste for everything except for the query, so you could put it into a function, while example 2 is good for an inline look at the query (so you don't have to reference to the function). Example three is just...

Gareth · 03-21-2008, 12:41 PM

To expand what I said earlier, I personally like the following:

PHP Code:


			
<?php



    $qQuery = mysql_query( "    SELECT * FROM

                                    my_db

                                WHERE

                                    something = often_a_variable

                                " );

                                

    $rQuery = mysql_fetch_array( $qQuery );



?>

I do the same style each time.

SOCK · 03-22-2008, 07:07 PM

I agree with maZtah; I prefer style #1, which keeps the SQL statement separate from the actual query call. If you need to look at the query or data embedded in it, it's simple to display the SQL statement by itself. If it's trapped within a function call (or worse, a couple of function calls), troubleshooting why the data isn't coming out the other end becomes exponentially more difficult. You wind up having to dissect into several pieces anyway.

Using sprintf() is also a good way to go, but don't rely on it alone to protect your database from SQL injection. Parameterized queries are also useful, if your database interface extension provides them.