Problem with invalid column on select

[genista]

Hi,

 

I am using GET to receive a variable from a url and then selecting from the DB where I find a match on that value. The problem, which I have never seen before the error tells me that the value is being used to find the column name:

 

Uncaught exception 'PDOException' with message 'SQLSTATE[42S22]: Column not found: 1054 Unknown column 'car'

 

Here is the code, the get value is car - why is it doing this?!

 

$type = $_GET['type']; $userid = $_SESSION['user_session'];  //item per page$limit = 5;         $page = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT, array(    'options' => array('min_range' => 1, 'default' => 1)));         $sqlContent="SELECT make, model, year, rideid FROM ride1 WHERE type = $type";
 

 

Thanks,

 

G

[Ch0cu3r]

You need to surround $type with quotes in the query

$sqlContent="SELECT make, model, year, rideid FROM ride1 WHERE type = '$type'";

[mac_gyver]

you might want to use a prepared query to get the $type value into the sql statement in order to prevent sql injection or errors if the value contains sql special-characters. using a prepared query to provide the $type value, would have also prevented the original error you are getting.

[genista]

Thanks, both responses have helped and solved the issue.

 

G