Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder ajetrumpet's Avatar
    Join Date
    Jul 2009
    Location
    Iowa City, IA
    Posts
    407
    Thanks
    44
    Thanked 5 Times in 5 Posts

    Concatenating a variable into sql

    hello again,

    I am trying to figure this out, but sometimes it just doesn't work for me. and I have no idea why. I'm getting:
    you have an error in your sql syntax near 'desc FROM names WHERE thename = 'adam'' at line 1
    obviously the criteria is not quoted correctly, but I simply don't get it. Here's the query:
    Code:
    $query2 = "SELECT thename, desc FROM names 
    
    WHERE thename = '" . $tempname . "'" or die(mysql_error());
    Isn't that the way you're supposed to concat strings into the statement? That's the way you do it in visual basic, and anything else I've ever worked with.

    Similarly, I have the exact same query, with different variables only, running earlier in the script and it has the same concat syntax. That was does NOT kill the script, so apparently it works. What am I missing here guys?

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,073
    Thanks
    11
    Thanked 98 Times in 96 Posts
    not sure if your code was as-is but it looks like "or die(etc" was part of your query ?
    anyway, use backticks for field and table names to avoid mysql confusion and you can use braces around your variables to avoid further confusion
    PHP Code:
    $sql="SELECT `thename`, `desc` FROM `names` WHERE `thename` = '{$tempname}' "
    mysql_query($sql)or die(mysql_error()); 
    (edit) and if you have to concatenate ...
    $sql="SELECT `thename`, `desc` FROM `names` WHERE `thename` = '".$tempname."'";
    Last edited by firepages; 11-21-2010 at 07:56 AM. Reason: error in code
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • Users who have thanked firepages for this post:

    ajetrumpet (11-21-2010)

  • #3
    Regular Coder ajetrumpet's Avatar
    Join Date
    Jul 2009
    Location
    Iowa City, IA
    Posts
    407
    Thanks
    44
    Thanked 5 Times in 5 Posts
    putting tick marks around the field names did it. thank you. I don't have a list of reserved words for PHP, and I'm sure that was the problem. 'desc' is obviously reserved and I should have seen that. Sorry about that! I think I need to fix my naming conventions as well.

  • #4
    Senior Coder Dormilich's Avatar
    Join Date
    Jan 2010
    Location
    Behind the Wall
    Posts
    3,342
    Thanks
    13
    Thanked 349 Times in 345 Posts
    I rather suspect "names" to be the reserved SQL word (cf. SET NAMES UTF8)
    The computer is always right. The computer is always right. The computer is always right. Take it from someone who has programmed for over ten years: not once has the computational mechanism of the machine malfunctioned.
    André Behrens, NY Times Software Developer


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •