PHP variable as table name in SQL query

Question

Can a PHP variable be used as a table name in an SQL query? In my case the PHP variable that goes after FROM should be the value being sent from my JQuery code. I want the SQL q

Answer 1

A double-quoted string will parse any variables within it, so this will work. A single-quoted string would not.

However, this is generally not considered secure. I'm not sure if you can use a bindParam method to achieve this (I use PDO, not mysqli) as it's not actually a parameter.