SQL Clause


#1

So I have a question (obvious). Does anyone know why when I use SQL clauses that escape the ("") the SQL clauses stop changing colours?

$sql = "UPDATE `dd_users` SET diary = '" . mysqli_real_escape_string($_POST['diary']) . "' WHERE id = '" . $_SESSION['id'] . "' LIMIT 1";

UPDATE is purple
SET is purple
WHERE is green
LIMIT is green

This happens after (forgive me for not knowing the proper terminology) leaving the quotation to include code.

" . mysqli_real_escape_string($_POST['diary']) . "

and/or

" . $_SESSION['id'] . "

I did not include the single quotes because if I delete just the above section from the code, then the WHERE turns purple.

I’ve also tried changing the single quotes inside the two code snippets to double quotes, but that does not correct the issue either.

Thanks for any insight. Sorry if this has already been asked, I did attempt to search prior to asking =)


#2

Related to this perhaps?


#3

I don’t believe so. Nothing in my code is supposed to be escaped. It is all a part of the SQL.
If I echo the variable $SQL I get:

"UPDATE `dd_users` SET diary = 'REALLY LONG STRING' WHERE id = '1' LIMIT 1"

So there appears to be nothing wrong with the code itself.


#4

I think it’s because SQL keywords are only highlighted in strings that starts with some specific keywords, not just because the string contains them:

I also found an issue that may be related to that particular rule: