In SQL you should not quote integer numbers, because if you quote, it would be a string.
But i'm curious of what problems/complications can occur if I do so?
For example:SELECT * FROM table WHERE id = 1
(Correct)
vs.SELECT * FROM table WHERE id = '1'
(Incorrect)
P.s. Didn't find any duplicate on this question. Correct me if there is
This is an interesting question, and I spent A LOT of time investigating the possible outcome (for mysql).
So far I was able to find only 1,5 disadvantages:
First, you will get weird results if perform a math or a comparison operation on a BIGINT value if one of operands is sent in the query as a string - due to the fact that in this case both operands will be cast to floats and thus lose precision. Here is a demonstration code. Just run these queries and check the results, which are quite embarrassing:
create table bint(i bigint);
insert into bint values (18014398509481984);
update bint set i=i+'1';
update bint set i=i+1
update bint set i=i+'1'
But for just selecting or updating BIGINT values there is still no problem to have them quoted in the query or bound as strings in the prepared statement.
So you can tell that for the regular queries with regular data types there is absolutely no difference.
The only query part that is syntactically doesn't allow string operands is a LIMIT clause: a LIMIT '1'
will cause a syntax error.
However, with a prepared statement, if you bind a LIMIT parameter as a string, it will do all right:
$stmt = $mysqli->prepare("SELECT value FROM table LIMIT ?");
$stmt->bind_param("s", $limit);
will go without errors.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With