Jump to content


Photo

MYSQL Statement with odd results


  • Please log in to reply
2 replies to this topic

#1 Balmung-San

Balmung-San
  • Members
  • PipPipPip
  • Advanced Member
  • 327 posts

Posted 16 May 2006 - 10:35 PM

'SELECT * FROM users WHERE users.username='.$visitor_name

That's the string I'm using for my query. In the sample I'm using, $visitor_name is Pieaholic2004x.

Now, here's the odd part, it keeps tossing this into my source code and stops: Unknown column 'Pieaholic2004x' in 'where clause'

Am I doing something wrong here?
"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier

They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.

#2 Barand

Barand
  • Moderators
  • Sen . ( ile || sei )
  • 18,021 posts

Posted 16 May 2006 - 10:59 PM

A string literal inside a query is assumed to be a column name unless it is in quotes.

Use

$sql = "SELECT * FROM users WHERE users.username = '$visitor_name' ";

If you are still using mysql_ functions, STOP! Use mysqli_ or PDO. The longer you leave it the more you will have to rewrite.

Donations gratefully received






moon.png

|baaGrid| easy data tables - and more
|baaChart| easy line, column and pie charts

#3 Balmung-San

Balmung-San
  • Members
  • PipPipPip
  • Advanced Member
  • 327 posts

Posted 16 May 2006 - 11:05 PM

[!--quoteo(post=374467:date=May 16 2006, 05:59 PM:name=Barand)--][div class=\'quotetop\']QUOTE(Barand @ May 16 2006, 05:59 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
A string literal inside a query is assumed to be a column name unless it is in quotes.

Use

$sql = "SELECT * FROM users WHERE users.username = '$visitor_name' ";
[/quote]
Ah, awesome, that cleared it right up. Thanks.
"Paranoia is very useful in this work. ...If your cryptographic system can survive the paranoia model, it has at least a fighting chance of surviving in the real world." - Niels Ferguson & Bruce Schneier

They say there's more then one way to skin a cat.
In programming, there's no wrong way to skin a cat, just more efficent ways of doing so.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users