Php function within SQL statement syntax

I have the following code. I would like username to take the value of the getUserN开发者_如何学JAVAame function however I am fighting with syntax. Can anybody tell me what should be the correct one?

$query = "SELECT user FROM users_entity WHERE username = getUserName()";

You can use concatenation with the period:

$query = "SELECT user FROM users_entity WHERE username = '".mysql_real_escape_string(getUserName())."'";

Make sure to escape your data!

You can't embed the result of a function directly into a string. However you can store the contents of a variable:

$username = mysql_real_escape_string(getUserName());
$query = "SELECT user FROM users_entity WHERE username = '$username'";

Or, you could concatenate your string like this:

$query = 'SELECT user FROM users_entity WHERE username = \'' . mysql_real_escape_string(getUserName()) . '\'';

You cannot interpolate (internally string-replace) PHP function names into strings.

You probably want something more like this:

$query = sprintf("SELECT user FROM users_entity WHERE username = '%s'"
    mysql_real_escape_string(getUserName())
);

$query = "SELECT user FROM users_entity WHERE username = '".getUserName()."'";