homepage Welcome to WebmasterWorld Guest from 54.237.54.83
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Passing a variable from a form to a MySql query
It's got to be something simple (I hope)
melinda64




msg:3367235
 9:42 am on Jun 14, 2007 (gmt 0)

I have a form set up with a dropdown list of values for a field "manufacturer" in my database
I can pass the variable to my php script. I know this because I use:

$manufacturer = $_POST['manufacturer'];

echo "<h1> Query result for manufacturer = ","$manufacturer", "</h1>";

And the page prints the appropriate value chosen from the form.

I'm trying to use the $manufacturer variable in a mysql query to select records which match.

My mysql query works when I use the following code:

$result = mysql_query("SELECT * FROM serialtest WHERE manufacturer = 'Yamaha'") or die(mysql_error());

but not when I add the $_POST[manufacturer] value in place of 'Yamaha'

The error I get is: "Unknown column 'Yamaha' in 'where clause'"
Is it my syntax?

Many thanks for any help you can give.

Mark

 

Habtom




msg:3367272
 10:34 am on Jun 14, 2007 (gmt 0)

Hi Mark,

Welcome to Webmasterworld.

I)
Try putting it this way:

$result = mysql_query("SELECT * FROM serialtest WHERE manufacturer = '". $_POST[manufacturer] ."'") or die(mysql_error());

II)
Number I should work, but I could have done the security check as well at this stage:

$manufacturer_cleaned = strip_tags($_POST[manufacturer]);
and the related functions.
$result = mysql_query("SELECT * FROM serialtest WHERE manufacturer = '$manufacturer_cleaned'") or die(mysql_error());

III)
Something not related to that question,
As a performance tip, unless you need to use all the fields in that table it is always good to mention the field names, like:

SELECT field1, field2 FROM table1

Habtom

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved