syntax101 Posted December 5, 2007 Share Posted December 5, 2007 <?php if (!isset($_SESSION)) { session_start(); } ?> correct if the code is: $sql = 'SELECT * FROM orders WHERE transaction <> "COMPLETE" and cust_num = (Select cust_num from customer where cust_username = "squall")'; squall is a username the value note:it returns a query MY PROBLEM wrong if the code is: $sql = 'SELECT * FROM orders WHERE transaction <> "COMPLETE" and cust_num = (Select cust_num from customer where cust_username = '$_SESSION['MM_Username']); $_SESSION['MM_Username'] can anyone help me how do i query the session variable why is it wrong and i try to change the aphpstrophe but it doesnt return any query Quote Link to comment Share on other sites More sharing options...
trq Posted December 5, 2007 Share Posted December 5, 2007 Try... $sql = "SELECT * FROM orders WHERE transaction <> 'COMPLETE' AND cust_num = (SELECT cust_num FROM customer WHERE cust_username = '{$_SESSION['MM_Username']})"; Quote Link to comment Share on other sites More sharing options...
matstuff Posted December 5, 2007 Share Posted December 5, 2007 For a start, it looks like you're trying to take advantage of PHP's magic quotes, but that only works if you're using double quotes, not single quotes. e.g. $a = "Hello"; echo "$a and goodbye"; output: Hello and goodbye However, IMO, it's better practise to strucutre MySQL queries using sprintf, as you can see more clearly where your variables etc. are. your code would become: $sql = sprintf('SELECT * FROM orders WHERE transaction <> "COMPLETE" and cust_num = (Select cust_num from customer where cust_username = "%s")', $_SESSION['MM_Username']); Quote Link to comment Share on other sites More sharing options...
revraz Posted December 5, 2007 Share Posted December 5, 2007 This is also redundant. It's not broke, but it's not required either. session_start() will resume a session if it's already started or create a new if it isn't on it's own <?php if (!isset($_SESSION)) { session_start(); } ?> to just <?php session_start(); ?> Quote Link to comment Share on other sites More sharing options...
we4freelance Posted December 5, 2007 Share Posted December 5, 2007 hello, you will need to put session variable follows $sql = 'SELECT * FROM orders WHERE transaction <> "COMPLETE" AND cust_num = (SELECT cust_num FROM customer WHERE cust_username = "' . $_SESSION['MM_Username']) . '"'; Thanks. info@we4freelance.com http://www.we4freelance.com Quote Link to comment Share on other sites More sharing options...
syntax101 Posted December 5, 2007 Author Share Posted December 5, 2007 For a start, it looks like you're trying to take advantage of PHP's magic quotes, but that only works if you're using double quotes, not single quotes. e.g. $a = "Hello"; echo "$a and goodbye"; output: Hello and goodbye However, IMO, it's better practise to strucutre MySQL queries using sprintf, as you can see more clearly where your variables etc. are. your code would become: $sql = sprintf('SELECT * FROM orders WHERE transaction <> "COMPLETE" and cust_num = (Select cust_num from customer where cust_username = "%s")', $_SESSION['MM_Username']); thanks to all of you guys. your great thanx a lot man it really work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.