Welcome to WebmasterWorld Guest from

Forum Moderators: open

Message Too Old, No Replies

pass the variable from url

whats the right format.

3:40 am on Nov 10, 2011 (gmt 0)

New User

joined:Nov 9, 2011
votes: 0

$kv = urldecode(strip_tags($_GET['key']));
$sql = 'SELECT * FROM `words` WHERE `key` = \'1ww\'';\\this works

I want to use the $kv to replace the \'1ww\' but I can't seem to get the right syntax.

echo $kv; \\ 1ww

when I use the $kv in the sql I return nothing.
when I leave it as is I return the correct rows.

Thanks for any help
9:44 am on Nov 10, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member penders is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:July 3, 2006
posts: 3123
votes: 0

Actually you want $kv to replace 1ww, not \'1ww\' (since you still need the resulting single quotes in your SQL). To keep with your current single quotes, this becomes...

$sql = 'SELECT * FROM `words` WHERE `key` = \''.$kv.'\'';

Or, changing to double quotes is probably clearer...
$sql = "SELECT * FROM `words` WHERE `key` = '$kv'";

Also, I don't think you need to urldecode() your string initially, since PHP should do this automatically. But you might need to call mysql_real_escape_string() to sanitize it.
2:16 pm on Nov 10, 2011 (gmt 0)

New User

joined:Nov 9, 2011
votes: 0

Thanks. That fixed it right up.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members