| Welcome to WebmasterWorld Guest from 220.127.116.11 |
register, login, search, subscribe, help, library, PubCon, announcements, recent posts, open posts,
|Subscribe to WebmasterWorld|
|pass the variable from url|
whats the right format.
| 3:40 am on Nov 10, 2011 (gmt 0)|
$kv = urldecode(strip_tags($_GET['key']));
$sql = 'SELECT * FROM `words` WHERE `key` = \'1ww\'';\\this works
I want to use the $kv to replace the \'1ww\' but I can't seem to get the right syntax.
echo $kv; \\ 1ww
when I use the $kv in the sql I return nothing.
when I leave it as is I return the correct rows.
Thanks for any help
| 9:44 am on Nov 10, 2011 (gmt 0)|
Actually you want $kv to replace 1ww, not \'1ww\' (since you still need the resulting single quotes in your SQL). To keep with your current single quotes, this becomes...
$sql = 'SELECT * FROM `words` WHERE `key` = \''.$kv.'\'';
Or, changing to double quotes is probably clearer...
$sql = "SELECT * FROM `words` WHERE `key` = '$kv'";
Also, I don't think you need to urldecode() your string initially, since PHP should do this automatically. But you might need to call mysql_real_escape_string() to sanitize it.
| 2:16 pm on Nov 10, 2011 (gmt 0)|
Thanks. That fixed it right up.
All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
WebmasterWorld ® and PubCon ® are a Registered Trademarks of Pubcon Inc.
© Pubcon Inc. 1996-2012 all rights reserved