为什么将`放在列周围? [英] Why put ` around columns?
问题描述
在某些代码中,我看到人们将`放在他们的列周围.为什么?与不使用它们有什么区别?
In some code i see people put ` around their columns. Why? IS there any difference from not using them?
SELECT `players`.`name`, `houses`.`id` FROM `players`, `houses`
WHERE `houses`.`owner` = `players`.`id`
推荐答案
使用反引号可以将保留字用作列名或表名,例如
Using the backquotes allows reserved words to be used as column or table names e.g.
SELECT `values` FROM `references` WHERE `precision` > 0
以及带有非字母数字的名称也必须包含在`"之间,例如.
and names with nonalphanumerics must be enclosed between the "`"s too, e.g.
SELECT `user name` FROM `registered users` WHERE `total score` > 0
请参见 http://dev.mysql.com/doc/refman /5.1/en/identifiers.html 了解详情.
我认为,当动态使用这些名称(例如, (人工示例)
I think this is often seen when those names are used dynamically, e.g. (artificial example)
mysql_prepare_statement("SELECT `%q` FROM `%q` WHERE `%q` > 0", col, tbl, col_cond);
采用这种形式,可以相同地处理任何种类的列名和表名,并且可以避免恶意注入尝试,例如col = "1; DROP TABLE users--"
.
in this form, any kinds of column and table names can be handled identically, and malicious injection attempts such as col = "1; DROP TABLE users--"
can be avoided.
这篇关于为什么将`放在列周围?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!