Jump to content


Photo

mysql php query syntax when using a variable.


  • Please log in to reply
11 replies to this topic

#1 dildolito

dildolito
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 25 July 2006 - 07:51 PM

Hi guys,
I am facing the following problem:

original query is : "SELECT * FROM accounts WHERE email=' " . $_SESSION['email'] . " ' ";

however this query is located in a db.inc as:
$q1="SELECT * FROM accounts WHERE email=' \$_SESSION[\"email\"] ' ";

the following execution doesnt really work :

require_once "db.inc";

*** database connection ****

if(!($result = @ mysql_query($q1))) logError();

**** close db *****

I have tried many variations with no success.
does anyone can help me with the right syntax for $q1 in the include file please?

thanks

#2 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 25 July 2006 - 08:01 PM

ok, this is a bit tricky. you'll need to check out the eval() function, but here's the gist of what you want:
<?php
// file 1:
$q1 = "SELECT * FROM accounts WHERE email = '\$_SESSION[email]'";

// file 2:
eval("\$result = mysql_query($q1);");
if (!$result) logError();
?>

i believe that should fix it for you.
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx

#3 dildolito

dildolito
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 25 July 2006 - 08:06 PM

obsidian - wow that was fast , let me check , and i will post a reply ....thanks

#4 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 25 July 2006 - 08:08 PM

obsidian - wow that was fast , let me check , and i will post a reply ....thanks

i'll be off for a bit, but let me know if it works. i'll be back on later tonight to follow up.
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx

#5 dildolito

dildolito
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 25 July 2006 - 08:26 PM

at the moment i have a parse error:

Parse error: syntax error, unexpected T_STRING in /usr/home/site/public_html/index.php(63) : eval()'d code on line 1
Error 0 :

#6 dildolito

dildolito
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 25 July 2006 - 08:51 PM

thanks for your help, obsidian. I hope others will find this post usefull.
if anyone has comments , please let me know.

this is the right syntax:
<?php
// file 1:
$q1 = "SELECT * FROM accounts WHERE email = '\$_SESSION[email]'";    // this is right

// file 2:
eval("\$result = mysql_query(\"$q1\");");        // pay attention to the corrections. 
if (!$result) logError();
?>






#7 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 25 July 2006 - 10:33 PM

I'm still not sure why this is required... why can't you pass mysql_query a string literal?
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#8 ryanlwh

ryanlwh
  • Staff Alumni
  • Advanced Member
  • 511 posts

Posted 25 July 2006 - 11:13 PM

well the two ways to include an array element in a string are:
<?php
$ql = "SELECT * FROM accounts WEHRE email='$_SESSION[email]'";
?>
<?php 
$ql = "SELECT * FROM accounts WEHRE email='{$_SESSION['email']}'";
?>
You don't even need to go the eval() route here...
Please use EDIT * 100...
Please use
or [php] * 1000...

PLEASE READ THE POSTED SOLUTIONS CAREFULLY * 1000000...

#9 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 26 July 2006 - 01:37 AM

That's what I thought... eval() is evil is almost all languages.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#10 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 26 July 2006 - 12:26 PM

well the two ways to include an array element in a string are:

<?php
$ql = "SELECT * FROM accounts WEHRE email='$_SESSION[email]'";
?>
<?php 
$ql = "SELECT * FROM accounts WEHRE email='{$_SESSION['email']}'";
?>
You don't even need to go the eval() route here...


look at what he's asked for. that's why you can't just pass it the string literal. he's trying to define the query in the first include file and simply call it throughout different files. he's basically doing a merge on the string itself. the only other way to do it would be to set up a little string parser:
<?php
// file 1
$q1 = "SELECT * FROM accounts WHERE email = '{VALUE}'";

// file 2
$q1 = str_replace('{VALUE}', $_SESSION['email'], $q1);
$result = mysql_query($q1);
?>

That's what I thought... eval() is evil is almost all languages.

eval() is only evil if you're not educated in its proper use. it is one of the most useful functions to know in its own respect.

thanks for your help, obsidian. I hope others will find this post usefull.
if anyone has comments , please let me know.


thanks for the update. sorry i missed those quotes :P
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx

#11 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 26 July 2006 - 03:38 PM

Clearly, I missed that subtle point.. I didn't realize that he was trying to substitute a value from the local calling scope into the string from the other file.  In this case, eval() is quite useful.  However, eval() is often used to dynamically compose variable names and such, which is expensive and almost always unnecessary.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#12 obsidian

obsidian
  • Staff Alumni
  • Advanced Member
  • 3,202 posts
  • LocationSeattle, WA

Posted 26 July 2006 - 05:21 PM

Clearly, I missed that subtle point.. I didn't realize that he was trying to substitute a value from the local calling scope into the string from the other file.  In this case, eval() is quite useful.  However, eval() is often used to dynamically compose variable names and such, which is expensive and almost always unnecessary.


very true... and to me, the optative word there is almost ;-).

i totally agree with the statement, though
You can't win, you can't lose, you can't break even... you can't even get out of the game.

<?php
while (count($life->getQuestions()) > 0)
{   $life->study(); } ?>
  LINKS: PHP: Manual MySQL: Manual PostgreSQL: Manual (X)HTML: Validate It! CSS: A List Apart | IE bug fixes | Zen Garden | Validate It! JavaScript: Reference Cards RegEx: Everything RegEx




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users