jeva39 Posted September 4, 2006 Share Posted September 4, 2006 Please what is the correct syntax for include a variable in a sql query like this:$tipo=_GET['clas']$sql = 'select id,clase,tema,ritmo,autor,arreglo,fecha,kar,nuevo,archivo from temas where CLASE like [b]I NEED INCLUDE $tipo HERE [/b] order by ' . $sort;Thanks in advanced.... Link to comment https://forums.phpfreaks.com/topic/19627-problem-with-sql-query/ Share on other sites More sharing options...
ToonMariner Posted September 4, 2006 Share Posted September 4, 2006 $tipo= $_GET['clas'];$sql = "select id,clase,tema,ritmo,autor,arreglo,fecha,kar,nuevo,archivo from temas where CLASE like '" . $tipo . "' HERE order by " . $sort;you may want to use '%" . $tipo . "%'I still concatenate vars in a double quoted string so that I can see them a little easier in my chosen editor you don't have to for it to work but its just a habit (i think a good one) of mine Link to comment https://forums.phpfreaks.com/topic/19627-problem-with-sql-query/#findComment-85468 Share on other sites More sharing options...
Jenk Posted September 4, 2006 Share Posted September 4, 2006 sanitise user input. Link to comment https://forums.phpfreaks.com/topic/19627-problem-with-sql-query/#findComment-85470 Share on other sites More sharing options...
jeva39 Posted September 4, 2006 Author Share Posted September 4, 2006 Thanks very much ToonMariner! All working fine :) My problem is that I work many time with ASP and ASP.NET and I still confused with the PHP syntax. Really, thanks..Jorge, Panamá Link to comment https://forums.phpfreaks.com/topic/19627-problem-with-sql-query/#findComment-85551 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.