Avovk
Reputation: 547
mysql statement not working
I'm trying to create a secure session management where each user gets a hash and if the user logs in somewhere else then it checks that the user has the most recently logged in hash. This way if the user forget's to log out, the system will log out the account for them. This is the sql statement i wrote and it's giving me this error. Can someone tell me why?
Thank you
"SELECT * FROM 'v_pos_user_session WHERE userID='$userID' AND hash='$hash' AND admin='0' time=(SELECT max(time) FROM v_pos_user_session WHERE userID='$userID' AND admin='0')"
QLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'time=(SELECT max(time) FROM v_pos_user_session WHERE userID='6' AND admin='0')' at line 1
Upvotes: 0
Views: 42
Answers (1)
juergen d
Reputation: 204756
you have to escape time with backticks and you forgot an and
SELECT * FROM v_pos_user_session
WHERE userID='$userID'
AND hash='$hash'
AND admin='0'
and `time`=(SELECT max(time) FROM v_pos_user_session
WHERE userID='$userID' AND admin='0')
and you left an unnecessary ' before v_pos_user_session
Upvotes: 6