php oci_execute pattern for sql

Question

I have a simple query in php on oracle:

    $query='select u.username,u.lastname,u.firstname,c.event,c.reason 
    from users u, events c 
    where c.created_by=u.user_id and 
    u.username!="foo" and 
    c.event > "2012-01-01"';

this passes through oci_parse just fine....

but there is a translation that needs to happen in order for oci_execute to not choke on an 'Invalid Identifier' for the conditions. The query above works fine if I remove the "and u.username!="foo" and c.event > '2012-01-01'" from the statement, like this:

    $query='select u.username,u.lastname,u.firstname,c.event,c.reason 
    from users u, events c 
    where c.created_by=u.user_id';

What is the proper way to structure the statement to get the user and date conditions passed to oci_execute?

Answer 1

In Oracle strings are delimited by single quotes ' while identifiers are delimited by double-quotes " so your query should probably be:

$query='select u.username,u.lastname,u.firstname,c.event,c.reason 
from users u, events c 
where c.created_by=u.user_id and 
u.username!=\'foo\' and 
c.event > \'2012-01-01\'';

You would use double-quotes to identify objects with mixed-case names for example:

CREATE TABLE "testTable" (id number);

SELECT * FROM testTable ; /* fails with ORA-00942*/

SELECT * FROM "testTable"; /* succeeds */