CODEWITHSUNDEEP
phpmysql
Mario Cordeiro
Mario Cordeiro

Reputation: 119

Cannot pass a string to a SQL Query

I have the following code:

    $RefEquipamento = mysql_real_escape_string($_GET['ID']);
    mysql_select_db($database_connLOOPGEST, $connLOOPGEST);
    $query_rs_equipamento = sprintf("SELECT * FROM  clientes_listaequipamentos WHERE referenciacliente = $RefEquipamento ORDER BY datacriacao_loop DESC LIMIT 1");
    $rs_equipamento = mysql_query($query_rs_equipamento, $connLOOPGEST) or die(mysql_error());
    $row_rs_equipamento = mysql_fetch_assoc($rs_equipamento);
    $totalRows_rs_equipamento = mysql_num_rows($rs_equipamento);

    echo json_encode($row_rs_equipamento);

I'm not an expert in PHP or MySQL, I'm trying to learn something. I'm using Dreamweaver.

The code above works when I pass a number as an argument (for ex. If $RefEquipamento is 200456) this works fine, but when I tried to pass a string (let's say I'm passing the string "equip1" this doesn't work, the echo gives me the following message:

"Unknown column 'equip1' in 'where clause'"

Upvotes: 1

Views: 708

Answers (2)

Yoni Hassin
Yoni Hassin

Reputation: 584

try:

$RefEquipamento = "'" . mysql_real_escape_string($_GET['ID']) . "'"; so mysql will handle it as a string.

OR

$query_rs_equipamento = sprintf("SELECT * FROM clientes_listaequipamentos WHERE referenciacliente = '$RefEquipamento' ORDER BY datacriacao_loop DESC LIMIT 1");

Upvotes: 3

Alberto León
Alberto León

Reputation: 2921

If you send to MySQL command a word, without marking with --> ' <---- MySQL Understand you are giving the name of a field or columns.

Remember that allways you need to past a word as variable, you need mark it.

the number don't need special mark

Yoni Hassin response is the solution, mark it as answer

Upvotes: 1

Related Questions