Jump to content


Photo

use variables in mysql query


  • Please log in to reply
5 replies to this topic

#1 sdaniels

sdaniels
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 12 April 2006 - 03:34 AM

here is my code

$result = mysql_query("SELECT * FROM security_menu_main WHERE sec_level <= '$_SESSION[seclevel]' AND isactive = 'y'");

the query is ignoring the "sec_level <= $_SESSION[seclevel]" and just checking if isactive is == y

what am I doing wrong?

#2 DougieB2

DougieB2
  • Members
  • PipPip
  • Member
  • 14 posts

Posted 12 April 2006 - 05:06 AM

A tip is to echo out your query string, so you can see what's going on.


$query = "SELECT * FROM security_menu_main WHERE sec_level <= '$_SESSION[seclevel]' AND isactive = 'y'";
echo "original query: " . $query;

$query = "SELECT * FROM security_menu_main WHERE sec_level <= '" . $_SESSION['seclevel'] . "' AND isactive = 'y'";
echo "new query: " . $query;

$result = mysql_query($query);


#3 hadoob024

hadoob024
  • Members
  • PipPipPip
  • Advanced Member
  • 192 posts

Posted 12 April 2006 - 05:14 AM

hmm... maybe your problem is that $_SESSION variables are accessed using the following syntax:
$_SESSION['seclevel']


and in your query string, you're accessing the value using:
$_SESSION[seclevel]


maybe you're just missing the single quotes?

i've also read about using the tickmarks (`) around table and field names. could this be what's missing?

#4 sdaniels

sdaniels
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 12 April 2006 - 05:19 AM

[!--quoteo(post=363894:date=Apr 12 2006, 12:14 AM:name=hadoob024)--][div class=\'quotetop\']QUOTE(hadoob024 @ Apr 12 2006, 12:14 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
hmm... maybe your problem is that $_SESSION variables are accessed using the following syntax:
$_SESSION['seclevel']
and in your query string, you're accessing the value using:
$_SESSION[seclevel]
maybe you're just missing the single quotes?

i've also read about using the tickmarks (`) around table and field names. could this be what's missing?
[/quote]

thanks for the help, it turens out that i have a different problem
this code
$query = "SELECT user_sec_level FROM security_users WHERE user_name = '$name' AND user_password = '$password'";
$sec_level = @mysql_query($query);
$_SESSION[seclevel] = $sec_level;

the problem that $sec_level is a vale of 'resource id #5' i need it to be the value that is in that that location in the table....

im missing a step... any ideas?

#5 BladeMetal

BladeMetal
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 12 April 2006 - 08:53 AM

[!--quoteo(post=363894:date=Apr 12 2006, 03:14 PM:name=hadoob024)--][div class=\'quotetop\']QUOTE(hadoob024 @ Apr 12 2006, 03:14 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
hmm... maybe your problem is that $_SESSION variables are accessed using the following syntax:
$_SESSION['seclevel']
and in your query string, you're accessing the value using:
$_SESSION[seclevel]
maybe you're just missing the single quotes?
[/quote]
no his syntax is 100% correct. When calling superglobals in something like an echo statement you can have:
echo 'This session superglobal equals $_SESSION[value]';


#6 kulmacet

kulmacet
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 12 April 2006 - 01:34 PM

[!--quoteo(post=363895:date=Apr 12 2006, 12:19 AM:name=sdaniels)--][div class=\'quotetop\']QUOTE(sdaniels @ Apr 12 2006, 12:19 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
thanks for the help, it turens out that i have a different problem
this code
$query = "SELECT user_sec_level FROM security_users WHERE user_name = '$name' AND user_password = '$password'";
$sec_level = @mysql_query($query);
$_SESSION[seclevel] = $sec_level;

the problem that $sec_level is a vale of 'resource id #5' i need it to be the value that is in that that location in the table....

im missing a step... any ideas?
[/quote]


TRY THIS Some changes have been made to the way you handle the variable

$query = "SELECT user_sec_level FROM security_users WHERE user_name = '$name' AND user_password = '$password'";
$sec_level = @mysql_query($query);

$set = mysql_fetch_array($sec_level);
$security_level = $set["user_sec_level"];

$_SESSION[seclevel] = $security_level;




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users