**RESOLVED** trying to post a variable into my query

[alexcmm]

Dunno if that title makes sense... but here's what I've got.

I've got a form with drop down menus that have something like:

[b]<option value="WHERE attending='Yes'">List of Attendings</option>[/b]

but when that post's to the page that actually calls on the mysql db it doesn't like the apostrophes. I guess it adds slashes to them. Here's where I call for the info:

[b]$query="SELECT * FROM tbllogin [color=red][i]$mainreport [/i] [/color] $sortby";[/b] [i](obviously, [color=red][b]$mainreport[/b][/color] would be replaced by [color=red][b]WHERE attending='Yes'[/b][/color] in this case)[/i]

what can I do to make what I'm trying to do work? I tried using [b]&apos;[/b] in the apostrphes place... no worky.

[Orio]

Try-
$query="SELECT * FROM tbllogin ".stripslashes($mainreport)." ".stripslashes($sortby)";

Just be aware- your script is not secure.

Orio.

[alexcmm]

not secure because my "tbllogin" is there instead of a "$usertable" or something? Or is there another reason?

Also, I tried the code you gave and it gave there error:
[b]Parse error: parse error, unexpected '\"' in /usr/.../mainreport.php on line 133[/b]

know why?

I really appreciate your help.  ~Alex

[alexcmm]

Nevermind, I've got it... thanks for your help Orio!!