Can I prepare a MySQL statement on both sides of an equality?

[Jaxel]

if (!$channel = $this->_getDb()->fetchRow("
    SELECT *
    FROM EWRcanal_channels
    WHERE ? = ?
", array($type, $data)))
{
    return false;
}

Is this code semantically possible?

 

[digitalpoint]

Technically you should be able to... but not sure you could call out a column name (if that's what you are trying to do) with the first part since it's going to wrap it in quotes within the query.

It would end up being a query like:

SELECT *
FROM EWRcanal_channels
WHERE 'type' = 'someValue'

Maybe I'm not thinking of something, but pretty sure the query will always return no records if $type and $data are different, and will return all records if they are the same.

 

[Luke F]

Check if $type is within an array of predetermined values for sanity and vs injection and then just stick it directly in the query string

I'm assuming you want to treat $type as a column name and not a string, otherwise there'd be no purpose of doing the comparison in sql

 

[Jaxel]

Yeah... you're right... I should just check it in a switch-case.