| Re: Regarding split text and match from data base [message #183963 is a reply to message #183958] |
Fri, 29 November 2013 12:40   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 11/29/2013 12:01 AM, Ben Bacarisse wrote:
> Jerry Stuckle <jstucklex(at)attglobal(dot)net> writes:
>
>> On 11/28/2013 9:34 PM, Ben Bacarisse wrote:
> <snip>
>>> Going back to the OP's code I see that he or she wants to print the IP
>>> as well. Your loop was:
>>>
>>> while ($data = mysqli_fetch_row($res))
>>> echo $data['mac_id'] . ' ' . $data['mac_name'] . "\n";
>>>
>>> and we can add the IP address just as easily with either capture
>>> ordering.
>>
>> Very easy to do with set order. Each pair is matched up - ip address
>> in element 1 and mac address in element 2 of the array.
>
> The pairing is not needed -- that's why I quoted your own code. It is
> just as easy to add the IP address to your output using either order.
>
You can't easily do it with foreach(), for instance. i.e.
foreach($matches as $match) {
$ip = mysqli_real_escape_string($link, $match[1]);
$mac = mysqli_real_escape_string($link, $match[2]);
mysqli_query($link, 'INSERT INTO myTable(ip,mac) ' .
"VALUES ('$ip', '$mac')";
>> It is very
>> easy to use foreach() to go through the base array and access element
>> 1 and element 2 of the internal array, as I did. If you use pattern
>> order, you can't do that.
>
> Are we looking at different code? I don't see anywhere where you do
> that.
>
No, I'm not doing it here. But that doesn't mean it isn't necessary.
He wanted the IP address for a reason.
> You print the elements using a while statement that does not use the
> matched values at all. Adding the IP address to the output can be done
> as easily with either capture order. The only foreach loop I can see
> was used to build list of MAC addresses and it has no need of the
> corresponding IP address.
>
Not in this case. But that doesn't mean it isn't necessary. He wanted
the IP address for a reason.
> As it happens, I think that code is actually a little clearer using
> pattern order. Rather than:
>
> foreach ($matches as $match) {
> if ($macs != '') // Not the first time through, so
> $macs .= ', '; // Add a separator
> $macs .= '\'' . mysqli_real_escape_string($link, $match[2])
> . '\'';
> }
>
> you get:
>
> foreach ($matches[2] as $match) {
> if ($macs != '') // Not the first time through, so
> $macs .= ', '; // Add a separator
> $macs .= '\'' . X_mysqli_real_escape_string($link, $match)
> . '\'';
> }
>
AI really don't see where this is clearer. So you're not using
$matches[2] instead of in $match[2]. It is immaterial.
> where it's clear from the get-go that the loop is processing the MAC
> addresses. There's no need to see what elements of $match get using in
> the loop body to know what it's processing.
>
It's also clear from my loop that you are processing the mac addresses.
In your case you still need to know it's in $matches[2].
>> But I think we are arguing a matter of style here. I also use pattern
>> order when appropriate. In this case I still think set order is more
>> appropriate.
>
> As I said, we should agree to disagree. My conclusion is the reverse of
> yours.
>
Yes, and you won't give it up, will you?
>>>> >> Additionally,
>>>> >> you don't call mysqli_real_escape_string() for the values. Yes, I
>>>> >> know it's not actually required here - but it's a good habit for new
>>>> >> programmers to get into. It's much better to call it when not needed
>>>> >> than to not call it when it is needed.
>>>> >
>>>> > Well, you can't mean that literally (there are places where it's not
>>>> > needed where using it would break the code) but I know what you are
>>>> > getting at. Part of the equation should be, in my view, how likely it
>>>> > is that the quoting will be needed. Given the context (mac addresses)
>>>> > it's not very likely, and I'd take that into account.
>>>> >
>>>> > <snip>
>>>>
>>>> Yes, I do mean that literally. And there is no place where you call
>>>> it for strings that will break the code. If there is, I would like
>>>> you to show it. mysqli_real_escape_string is about more than quoting.
>>>
>>> I think we are talking at cross purposes. You mean (I think) that it's
>>> never wrong to call it when it might be right to call it -- and that's
>>> true. I took your "better to call it when not needed" absolutely
>>> literally. For example, if the string is already quoted it is "not
>>> needed" and calling it will break something.
>>
>> No, if the string is already quoted, it will not "break
>> something". Only if the string has already been processed through
>> mysqli_real_escape_string() could there be a problem. Any other
>> method of "quoting" is not supported.
>
> I just don't get this. If I have some data that is already quoted it
> must be inserted it into an SQL statement as is. If I pass it through
> mysqli_real_escape_string it will not longer be correctly quoted.
>
The only valid way to quote a string is with mysqli_real_escape_string()
(or the deprecated mysql_escape_string). Of course you would not expect
to get the correct results if you process a string two times though the
function.
> But, anyway, you've just given an example yourself of a situation where
> it is not better to cal is when not needed -- when the data has, at some
> point, already been through mysqli_real_escape_string.
>
> <snip>
>
Then you should already know that. That's only a matter of common
sense. But you are still processing it with mysqli_real_escape_string().
But it seems you feel the need to argue just to argue.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]