[Phpmyadmin-devel] backquotes in SQL query

Marc Delisle marc at infomarc.info
Tue Aug 16 12:33:46 CEST 2011

Le 2011-08-16 04:49, Dieter Adriaenssens a écrit :
> Hi,
> I noticed Piotr removed back quotes from a few fields in an SQL query.
> They were fixed strings (no variables), so they don't really need
> escaping, but I was under the impression that it is good practice to
> add back quotes to every field/table/database name in a SQL query, not
> only the dynamic ones?

I haven't seen any recommendation stating that this is a good practice.
After all,

- backquotes is only an escaping mechanism (introduced by MySQL) so
phpMyAdmin should add them in all dynamic cases
- SQL purists hate these backquotes

Marc Delisle

More information about the Developers mailing list