lasha Posted March 19, 2014 Share Posted March 19, 2014 Hello this error is my problem. help me please $query = "SELECT * FROM car WHERE owner = ".$_POST['owner'].""; Quote Link to comment Share on other sites More sharing options...
Solution gristoi Posted March 19, 2014 Solution Share Posted March 19, 2014 try $query = "SELECT * FROM `car` WHERE `owner` = '{$_POST['owner']}' "; Quote Link to comment Share on other sites More sharing options...
lasha Posted March 19, 2014 Author Share Posted March 19, 2014 Ou thank you Gristoi ! But i don't understent why it doesn not work becouse i have made something like this in the past and works well can you explain whats wrong with this code? Thanks again Quote Link to comment Share on other sites More sharing options...
gristoi Posted March 19, 2014 Share Posted March 19, 2014 mysql parses from right to left. you did not he single quotes around your post variable so it broke the syntax Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted March 19, 2014 Share Posted March 19, 2014 the value being put into the query is literal string data and needs to be surrounded by single-quotes so that it is treated as a string of characters, rather than a mysql keyword or a column name. Quote Link to comment Share on other sites More sharing options...
lasha Posted March 19, 2014 Author Share Posted March 19, 2014 Thank you very much! You helped me so much to out from this lane... Thanks Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted March 19, 2014 Share Posted March 19, 2014 needs to be surrounded by single-quotes @mac, why only by single-quotes? The values of string type just need to be quoted. I've never use double quotes to quote the value with char/varchar or date/time type but the following should be worked as well. $query = 'SELECT * FROM car WHERE owner = "'.$_POST['owner'].'"'; Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted March 19, 2014 Share Posted March 19, 2014 (edited) because, double-quotes can be enabled (a sql standard) to be used the same as back-ticks (a mysql specific abomination) and used around database, table, and column names, thereby breaking any query using double-quotes around string data and making it difficult to migrate to other database types - If the ANSI_QUOTES SQL mode is enabled, it is also allowable to quote identifiers within double quotes: Edited March 19, 2014 by mac_gyver Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted March 19, 2014 Share Posted March 19, 2014 (edited) I'm agree with you by speaking of identifiers. But the issue we have here is about constants of char type. Edited March 19, 2014 by jazzman1 Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted March 19, 2014 Share Posted March 19, 2014 did you look at the OP's problem? he's getting an unknown column error because his $_POST['owner'] value has no quotes around it at all, producing a query - SELECT * FROM car WHERE owner = some_owner_name and the some_owner_name value is being interpreted as a column name. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted March 19, 2014 Share Posted March 19, 2014 did you look at the OP's problem? Yes, I do! In that case "owner" is the identifier, its value it is a constant named "some_owner_name". So, in the cite you cited above we can allowable to quote identifiers within double quotes, like this: SELECT * FROM car WHERE "owner" = some_owner_name. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.