Jump to content

Archived

This topic is now archived and is closed to further replies.

dildolito

mysql php query syntax when using a variable.

Recommended Posts

Hi guys,
I am facing the following problem:

original query is : [color=red]"SELECT * FROM accounts WHERE email=' " . $_SESSION['email'] . " ' ";[/color]

however this query is located in a db.inc as:
[color=red]$q1="SELECT * FROM accounts WHERE email=' \$_SESSION[\"email\"] ' ";[/color]

the following execution doesnt really work :

require_once "db.inc";

*** database connection ****

[color=red]if(!($result = @ mysql_query($q1))) logError(); [/color]

**** close db *****

I have tried many variations with no success.
does anyone can help me with the right syntax for $q1 in the include file please?

thanks

Share this post


Link to post
Share on other sites
ok, this is a bit tricky. you'll need to check out the eval() function, but here's the gist of what you want:
[code]
<?php
// file 1:
$q1 = "SELECT * FROM accounts WHERE email = '\$_SESSION[email]'";

// file 2:
eval("\$result = mysql_query($q1);");
if (!$result) logError();
?>
[/code]

i believe that should fix it for you.

Share this post


Link to post
Share on other sites
[quote author=dildolito link=topic=101834.msg403400#msg403400 date=1153857981]
obsidian - wow that was fast , let me check , and i will post a reply ....thanks
[/quote]
i'll be off for a bit, but let me know if it works. i'll be back on later tonight to follow up.

Share this post


Link to post
Share on other sites
at the moment i have a parse error:

Parse error: syntax error, unexpected T_STRING in /usr/home/site/public_html/index.php(63) : eval()'d code on line 1
Error 0 :

Share this post


Link to post
Share on other sites
thanks for your help, obsidian. I hope others will find this post usefull.
if anyone has comments , please let me know.

this is the right syntax:
[code]
<?php
// file 1:
$q1 = "SELECT * FROM accounts WHERE email = '\$_SESSION[email]'";    // this is right

// file 2:
eval("\$result = mysql_query(\"$q1\");");        // pay attention to the corrections.
if (!$result) logError();
?>




[/code]

Share this post


Link to post
Share on other sites
I'm still not sure why this is required... why can't you pass mysql_query a string literal?

Share this post


Link to post
Share on other sites
well the two ways to include an array element in a string are:
[code]<?php
$ql = "SELECT * FROM accounts WEHRE email='$_SESSION[email]'";
?>[/code]
[code]<?php
$ql = "SELECT * FROM accounts WEHRE email='{$_SESSION['email']}'";
?>[/code]
You don't even need to go the eval() route here...

Share this post


Link to post
Share on other sites
That's what I thought... eval() is evil is almost all languages.

Share this post


Link to post
Share on other sites
[quote author=ryanlwh link=topic=101834.msg403506#msg403506 date=1153869236]
well the two ways to include an array element in a string are:
[code]<?php
$ql = "SELECT * FROM accounts WEHRE email='$_SESSION[email]'";
?>[/code]
[code]<?php
$ql = "SELECT * FROM accounts WEHRE email='{$_SESSION['email']}'";
?>[/code]
You don't even need to go the eval() route here...
[/quote]

look at what he's asked for. that's why you can't just pass it the string literal. he's trying to define the query in the first include file and simply call it throughout different files. he's basically doing a merge on the string itself. the only other way to do it would be to set up a little string parser:
[code]
<?php
// file 1
$q1 = "SELECT * FROM accounts WHERE email = '{VALUE}'";

// file 2
$q1 = str_replace('{VALUE}', $_SESSION['email'], $q1);
$result = mysql_query($q1);
?>
[/code]

[quote=fenway]
That's what I thought... eval() is evil is almost all languages.
[/quote]
eval() is only evil if you're not educated in its proper use. it is one of the most useful functions to know in its own respect.

[quote=dildolito]
thanks for your help, obsidian. I hope others will find this post usefull.
if anyone has comments , please let me know.
[/quote]

thanks for the update. sorry i missed those quotes :P

Share this post


Link to post
Share on other sites
Clearly, I missed that subtle point.. I didn't realize that he was trying to substitute a value from the local calling scope into the string from the other file.  In this case, eval() is quite useful.  However, eval() is often used to dynamically compose variable names and such, which is expensive and almost always unnecessary.

Share this post


Link to post
Share on other sites
[quote author=fenway link=topic=101834.msg403943#msg403943 date=1153928295]
Clearly, I missed that subtle point.. I didn't realize that he was trying to substitute a value from the local calling scope into the string from the other file.  In this case, eval() is quite useful.  However, eval() is often used to dynamically compose variable names and such, which is expensive and almost always unnecessary.
[/quote]

very true... and to me, the optative word there is [b]almost[/b] ;-).

i totally agree with the statement, though

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.