2011/8/16 Michal Čihař michal@cihar.com:
Hi
Dne Tue, 16 Aug 2011 10:49:02 +0200 Dieter Adriaenssens dieter.adriaenssens@gmail.com napsal(a):
I noticed Piotr removed back quotes from a few fields in an SQL query. They were fixed strings (no variables), so they don't really need escaping, but I was under the impression that it is good practice to add back quotes to every field/table/database name in a SQL query, not only the dynamic ones?
It is usually good practice to avoid problems in case future MySQL versions will introduce new keywords.
I removed backquotes which were added by passing literal strings to PMA_backquote, as it only made reading code more difficult, and removed one case of passing aggregate SQL expression in ORDER BY clause to it. Personally, I use them only when necessary as shorter queries are more readable to me. If we want to use backquotes, their usage should be consistent.