Sticking variables in a MySQL Query?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Jim
Forum Contributor
Posts: 238
Joined: Fri Apr 19, 2002 5:26 am
Location: Near Austin, Texas

Sticking variables in a MySQL Query?

Post by Jim »

I'm using this code to authenticate permission in editing a certain news portion of the site.

Code: Select all

$sql = "select id from EGN_User_Sites where user_name = '$EGNewsUser' and '{$name}' = '1'";
That $name comes from a query string like this:

Code: Select all

http://mysite.com/newsprogram/editnews.php?action=add&name=butt
Any idea on what to replace '{$name}' with?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

maybe {$_GET['name']} ?
User avatar
mydimension
Moderator
Posts: 531
Joined: Tue Apr 23, 2002 6:00 pm
Location: Lowell, MA USA
Contact:

Post by mydimension »

what about this:

Code: Select all

$sql = "select id from EGN_User_Sites where user_name = '$EGNewsUser' and name = $name";
User avatar
BigE
Site Admin
Posts: 139
Joined: Fri Apr 19, 2002 9:49 am
Location: Missouri, USA
Contact:

Post by BigE »

No, volka is right here, he needs to use $_GET['name'] in this case. However, that is assuming you are running PHP 4.1.x or higher and register_globals is off.
Post Reply