genista Posted August 29, 2015 Share Posted August 29, 2015 Hi, I am using GET to receive a variable from a url and then selecting from the DB where I find a match on that value. The problem, which I have never seen before the error tells me that the value is being used to find the column name: Uncaught exception 'PDOException' with message 'SQLSTATE[42S22]: Column not found: 1054 Unknown column 'car' Here is the code, the get value is car - why is it doing this?! $type = $_GET['type']; $userid = $_SESSION['user_session']; //item per page$limit = 5; $page = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT, array( 'options' => array('min_range' => 1, 'default' => 1))); $sqlContent="SELECT make, model, year, rideid FROM ride1 WHERE type = $type"; Thanks, G Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted August 29, 2015 Share Posted August 29, 2015 You need to surround $type with quotes in the query $sqlContent="SELECT make, model, year, rideid FROM ride1 WHERE type = '$type'"; Quote Link to comment Share on other sites More sharing options...
Solution mac_gyver Posted August 29, 2015 Solution Share Posted August 29, 2015 you might want to use a prepared query to get the $type value into the sql statement in order to prevent sql injection or errors if the value contains sql special-characters. using a prepared query to provide the $type value, would have also prevented the original error you are getting. Quote Link to comment Share on other sites More sharing options...
genista Posted August 31, 2015 Author Share Posted August 31, 2015 Thanks, both responses have helped and solved the issue. G Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.