[SOLVED] Parse database result - Obvious but I'm missing it

[amites]

Hello,

 

I'm working on a script to verify results and having trouble pulling the data out of a field

 

the problem I'm having is gathering values from this query, I know it's something stupid and obvious after I racked my blain for hours last night trying different things I'm not seeing it this morning either...

 

any suggestions are appreciated

 

	$result_event = doQuery("SELECT Cost, firstTik, reservedTik FROM " . HC_TblPrefix . "events WHERE PkID='%s'",
					mysql_real_escape_string($p->ipn_data['item_number']));

$holder = $p->ipn_data['quantity'] * mysql_result($result_event,0);

[samona]

Does it work when you don't use the mysql_real_escape_string() function?

[revraz]

You are using % but not using LIKE

 

WHERE PkID='%s'

 

% is a wild character and needs LIKE to work.

[amites]

not familiar with real_escape_string have to try that one next,

 

the %s is out of the manual as a wildcard to be swapped out with the mysql_real_escape_string which cleans up entries to avoid malicious code...

 

 

I verified $p->ipn_data['item_number'] has a value

 

but nothing I'm pulling from the DB has a value,

 

tried a number of different methods for fetching values from the data, starting to question myself on this one...

[revraz]

You didn't read what I posted.

 

 

 

the %s is out of the manual as a wildcard to be swapped out with the mysql_real_escape_string which cleans up entries to avoid malicious code...

 

 

[amites]

your right I didn't,

 

think I'm caffeine deprived,

 

pulled the real_escape_string out and it worked,

 

would rather use it, though right now I'd rather see it working that perfect