homepage Welcome to WebmasterWorld Guest from 54.204.249.184
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / Databases
Forum Library, Charter, Moderator: open

Databases Forum

    
pass the variable from url
whats the right format.
tw56




msg:4385465
 3:40 am on Nov 10, 2011 (gmt 0)


$kv = urldecode(strip_tags($_GET['key']));
$sql = 'SELECT * FROM `words` WHERE `key` = \'1ww\'';\\this works


I want to use the $kv to replace the \'1ww\' but I can't seem to get the right syntax.

echo $kv; \\ 1ww

when I use the $kv in the sql I return nothing.
when I leave it as is I return the correct rows.

Thanks for any help

 

penders




msg:4385518
 9:44 am on Nov 10, 2011 (gmt 0)

Actually you want $kv to replace 1ww, not \'1ww\' (since you still need the resulting single quotes in your SQL). To keep with your current single quotes, this becomes...

$sql = 'SELECT * FROM `words` WHERE `key` = \''.$kv.'\'';

Or, changing to double quotes is probably clearer...
$sql = "SELECT * FROM `words` WHERE `key` = '$kv'";

Also, I don't think you need to urldecode() your string initially, since PHP should do this automatically. But you might need to call mysql_real_escape_string() to sanitize it.

tw56




msg:4385558
 2:16 pm on Nov 10, 2011 (gmt 0)

Thanks. That fixed it right up.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Databases
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved