Using XQuery with PHP Variables

Question

I am trying to run xquery with php. I have gotten certain queries to run, however, I'm not exactly sure how to use variables in it. I've been searching for a while, but little references.

Thank you.

This is the variable and the query:

$contype=$_POST['ctype']; 
$cnumber=$_POST['number'];
$cid = $_POST['id'];

$query = 'UPDATE clients SET phone = xmlquery(\'transform copy $pn := $num modify do insert
document{
    <contact type="$contype">
        <phoneno>$cnumber</phoneno>
    </contact>
}
into $pn/phone
return $pn\'
passing clients.phone as "num")
where id =$cid';

Answer 1

Thank you! PHP does have a way with these things, even for XQuery. Here is what I did:

$contype=$_POST['ctype']; 
$cnumber=$_POST['number'];
$cid = $_POST['id'];

$query = 'UPDATE clients SET phone = xmlquery(\'transform copy $pn := $num modify do insert
document{
    <contact type="'.$contype.'">
        <phoneno>'.$cnumber.'</phoneno>
    </contact>
}
into $pn/phone
return $pn\'
passing clients.phone as "num")
where id =$cid';

This is also to help others in making the same type of app. :)

Answer 2

For PHP this is just a string. You're using single quotes, so variables will not be replaced in the string. You can concatenate the static parts with the dynamic, use double quotes string, use sprintf(), ...

$foo = 'Hello '.$name.'!';
$foo = "Hello $name!";
$foo = sprintf('Hello %s!', $name);

Depending on how you use the string, prepared statements are an option. They take care of the escaping that might be needed otherwise to avoid SQL injections.