Jump to content


Photo

mysql and $_GET


  • Please log in to reply
6 replies to this topic

#1 Backspace

Backspace
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 02 March 2006 - 07:32 PM

i cant get it to work if i try to use $_GET. heres the code that does.

$query = 'SELECT * FROM codes WHERE code = \'code_data\'';


now when i tried

$query = 'SELECT * FROM codes WHERE code = '.addslashes($_GET['code'])'';

it says that it cannot find that row.

#2 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 02 March 2006 - 07:36 PM

It looks like the quoting is all wrong for the second query -- what the query look like when you echo it in PHP?
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#3 Backspace

Backspace
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 02 March 2006 - 07:39 PM

This is what it echos as the mysql error.

Query failed: Unknown column 'something' in 'where clause'

#4 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 02 March 2006 - 08:12 PM

Is magic_quotes on? If so, the addslashes() will mess up your query.

Use get_magic_quotes_gpc() to find out if they are turned on.

#5 jworisek

jworisek
  • Members
  • PipPipPip
  • Advanced Member
  • 112 posts

Posted 02 March 2006 - 08:17 PM

shouldn't it look like below with the trailing period ?

$query = 'SELECT * FROM codes WHERE code = '.addslashes($_GET['code']).'';


#6 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 02 March 2006 - 09:59 PM

Not sure why you're concatenating an empty string -- does it work without the addslashes()?
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#7 Backspace

Backspace
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 03 March 2006 - 06:24 AM

I turned off magic quotes and tried that, it dident work. and withought the addslashes it still gives the same error

Query failed: Unknown column 'something' in 'where clause'

is there anyway to get it to look like the one that did work
\'code_data\''

i also tried to use $str = $_GET['code'] and it used $str as the name lol.

also it works with just $_GET when i add this into the URL

[a href=\"http://localhost/codelist.php?code='pso'\" target=\"_blank\"]http://localhost/codelist.php?code=code'[/a]

the ' ', is there syntax for this so i can place into that code without error.

edit: nm i got it to work by adding that into the url thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users