Strange syntax error

afridy · September 18, 2014, 7:10am

Hai folks,

the line highlighted in bold have a syntax error which i could not get rid of. please help me.

<?php
echo "<select name=" . $select_name . " id=" . $select_id . ">";
echo "<option value="Select">Select</option>";
    
    require_once('../includes/connection.php');
                    
    $query="SELECT * FROM " . $table . " 
            ORDER BY " . $order_column . " ASC";

    if ($result=mysql_query($query) or die (mysql_error())); 
    while($row=mysql_fetch_array($result)){
       **$value=$row['" . $value_column . "'];
       $name=$row['" . $name_column . "'];**
       echo "<option value='" . $value . "'>" . $name . "</option>";
    }

    echo "</select>":
?>

ralphm · September 18, 2014, 7:14am

There is an obvious problem with these two lines:

echo "<select name=" . $select_name . " id=" . $select_id . ">";
echo "<option value="Select">Select</option>";

You are using " in a confusing way, mixing two kinds together. Try this instead:

echo '<select name="' . $select_name . '" id="' . $select_id . '">';
echo '<option value="Select">Select</option>';

SpacePhoenix · September 18, 2014, 7:48am

If you’re not already aware, the old mysql_* extension is deprecated as of php version 5.5 and will likely be removed from the next version of PHP. You need to be migrating your code to use either the mysqli_* extension or PDO and once migrated remember to use prepared statements to eliminate the risk of SQL injection attack

afridy · September 18, 2014, 8:02am

Thanks guys. ill check your suggessions.

afridy · September 18, 2014, 8:03am

Thanks ralphm, yes i might need to change my quoting way as you sad.

xMog · September 18, 2014, 8:41am

So it appears that you have trouble to separate your strings with either " or ’ (single or double quote) when you have HTML in those strings.

In PHP, you can use both, either double-quote or single-quote to surround a string.

For example, you could do:

$text = "this is a text";

OR

$text = 'this is a text';

Both works. The difference is that with the double-quote, you can use variable inside it and PHP will change the variables for its value. For example:

$myvar = "hello";
$text = "this is some random text: $myvar"

if you echo the variable $text, it will give you

this is some random text: hello

If you try it with single quote, like this:
$myvar = “hello”;
$text = “this is some random text: $myvar”

You’ll get:

this is some random text: $myvar

PHP didn’t try to parse the string and change the variable $myvar because I used single quotes.

Now, you can use the double quotes or single quotes. Single quotes are faster, but you shouldn’t notice it until you treat thousands of string. So you can choose whatever you want.

For HTML, it’s the same thing for arguments. You can use double quotes or single quotes. Example:

<form action='index.php'>

is the same as

<form action="index.php">

You can’t however, in PHP and HTML, start a string with a double-quote and close it with a single quote. It has to be the same.

So, when you mix HTML and PHP, you should choose one separator for PHP and one for HTML. IMO, using double quotes for PHP and single quote for HTML is easier to read, but it’s just personal thing.

For example:

echo "<form action='index.php'>";

When you need to add variable in this, yes, you can use the point “.” to concatenate strings with variables. However, since using double-quotes with PHP will change the variable inside it, you could write

echo "<select name='$select_name'  id='$select_id'>";

instead of

echo "<select name=" . $select_name . " id=" . $select_id . ">";

See how the first piece of code is easier to read than the second?

Or, as @ralphm suggested, you can also use:

 echo '<select name="' . $select_name . '" id="' . $select_id . '">';

But, IMO, it’s harder to read, but you choose whatever you want.

Also, please consider not echoing HTML and just outputting it like this:

<select name="<?= $select_name ?>" id="<?= $select_id ?>">
  <?php foreach ($items as $key => $value): ?>
     <option value='<?= $key ?>'><?= $value ?></option>
  <?php endforeach; ?>
</select>

IMO, this is even more easier to read.

I also wrote a post about dealing with quotations with PHP if you’re interested to know more. If you read it, don’t hesitate to tell me your opinion

felgall · September 18, 2014, 8:50am

I usually go the other way around because it is more usual to see HTML attribute values inside of " " and the ’ ’ around the PP means that is doesn’t waste a microsecond or two trying to parse the string for PHP variables when it doesn’t contain any.

IMO it is also just as easy to read either way.

echo '<form action="index.php">';

Also inserting variables directly inside " " only works for individual variable names - if you have arrays or other slightly more complex names they may not be substituted correctly. Concatenating them outside of the quotes fixes this problem.

The one time you do need to wrap " " around a PHP string is when you are using escape characters such as \n