JackW Posted August 11, 2006 Share Posted August 11, 2006 I think I have a duh question. I am attaching an ID number to the urlExample someurl?variable1. The ID number is there and I can retrieve it. How do I get it into my select * from query? Here is my code:// open data base@ $db = mysql_pconnect('someserver.net', 'somedatabase', ' My password');mysql_select_db('somedatabase1') or die( "Unable to select database");//fetch Row ID number$var1 = $_GET['variable1'];echo $var1;{$query= 'SELECT * FROM `sometable` WHERE `ID` LIKE [color=red]??[/color] LIMIT 0, 5 ';$query_results=mysql_query($query);$match_results=mysql_num_rows($query_results);}for ($i=0; $i < $match_results; $i++){$row=mysql_fetch_array($query_results);echo ($row ['body'] ); }mysql_close($db);The variable I want is being transferred and it shows up at echo $var1 just fine. How do I get it to be where the [color=red]??[/color] is in:$query= 'SELECT * FROM `sometable` WHERE `ID` LIKE [color=red]??[/color] LIMIT 0, 5 ';Everything I have tried has presented me with an error message.If I replace the ?? with the ID number I do get the results I want, but how do I get it place the ID number in the select line automatically? ??? Quote Link to comment Share on other sites More sharing options...
Orio Posted August 11, 2006 Share Posted August 11, 2006 Depends what you want...If you want to select the rows where the ID column is equal to $var1, do this:$query="SELECT * FROM `sometable` WHERE `ID`='$var1' LIMIT 0, 5";Btw, you should read about SQL injections and about mysql_real_escape_string()Orio. Quote Link to comment Share on other sites More sharing options...
JackW Posted August 11, 2006 Author Share Posted August 11, 2006 Thank you :)I will give that a try, and also try to find information on SQL injections and about mysql_real_escape_string() Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.