Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.
Moderator: General Moderators
ethoemmes
Forum Commoner
Posts: 26 Joined: Thu Aug 18, 2005 4:11 pm
Post
by ethoemmes » Wed Sep 28, 2005 1:54 pm
Can anyone spot my error?
Code: Select all
$query = 'SELECT ImageID, BookID, ImageName, ImageLocation FROM tblImage
WHERE BookID = $BookID';
Is returning
Could not read data because Unknown column '$BookID' in 'where clause'
TIA
Edgar
shiznatix
DevNet Master
Posts: 2745 Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:
Post
by shiznatix » Wed Sep 28, 2005 2:00 pm
becuase it is in single quotes php wont parse the variable. try this
Code: Select all
$query = "SELECT ImageID, BookID, ImageName, ImageLocation FROM tblImage
WHERE BookID = $BookID";
ethoemmes
Forum Commoner
Posts: 26 Joined: Thu Aug 18, 2005 4:11 pm
Post
by ethoemmes » Wed Sep 28, 2005 2:37 pm
Thanks.
omega-systems
Forum Newbie
Posts: 14 Joined: Tue Sep 27, 2005 5:01 am
Contact:
Post
by omega-systems » Thu Sep 29, 2005 4:57 am
the Better to use single quotes for parameters in where part.
Code: Select all
$query = "SELECT ImageID, BookID, ImageName, ImageLocation FROM tblImage
WHERE BookID = '$BookID'";
It'll prevent most of problems with security. For instance for this case (i guess, BookID is 'integer'), you'll have problems with $BookID='a2'. In statement without quote we will get error, in my example we will not get any row only
.
Regards,
Michael.
Project Manager
Omega Systems Ltd
Email:
info@omega-systems.biz
ICQ: 264962449
MSN:
omega-systems@hotmail.com
AIM: OmegaSys Ltd