Ashok Kumar Reddy S

Reputation: 105

PHP MYSQL Data fetching issue

I am facing some problem with fetching data from SQL.

When I use the below statement, it is working fine

$sql = 'SELECT `Name`, `Des`, `Url`, `about`, `date` FROM `data` where name = \'facebook\''; 
$retval = mysql_query( $sql, $conn );

When I do the same using a parameter name, I am facing some problem. The code I used is

$name = $_GET['name'];
$sql = 'SELECT `Name`, `Des`, `Url`, `about`, `date` FROM `data` where name = \'$name''; 
$retval = mysql_query( $sql, $conn );

I also tried by concatenating name like \'facebook\'

$name1 = "\'".$name . " \'";

but it is also not working.

Upvotes: 0

Views: 103

Answers (2)

Suhel Meman

Reputation: 3852

Use Mysqli instead of Mysql.

Solution for your query:

$name = $_GET['name']; 
$sql = "SELECT Name, Des, Url, about, date FROM data where name = '".mysql_real_escape_string($name)."'";
$retval = mysql_query( $sql, $conn );

Upvotes: 0

John Woo

Reputation: 263743

Use double quotes so you won't need any escaping of single quotes.

$sql = "SELECT  Name, Des, Url, about, date
        FROM    data 
        where   name = '$name'";

As a sidenote, the query is vulnerable to SQL injection if the value(s) of the variables come from the outside. Please take a look at the article below to learn how to prevent it. By using PreparedStatements you can get rid of using single quotes around values.

Upvotes: 3
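The prepared-statement approach mentioned in the answer above, set beside the concatenated query, as an added example that is not part of the original thread. It assumes PDO with an in-memory SQLite database so that it runs without a MySQL server (with MySQL only the DSN and credentials change); the rows, the inputs and the function names `findConcatenated` and `findPrepared` are constructed for illustration.

```php
<?php
// Added example: constructed table and rows; in-memory SQLite stands in for MySQL.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE data (Name TEXT, Des TEXT, Url TEXT, about TEXT, date TEXT)');
$pdo->exec("INSERT INTO data VALUES
    ('facebook', 'social network', 'https://facebook.example', 'n/a', '2013-01-01'),
    ('o''reilly', 'publisher', 'https://oreilly.example', 'n/a', '2013-01-02')");

// Concatenated form, as in the question and the double-quote answer:
// the request value becomes part of the SQL text itself.
function findConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT Name, Des, Url, about, date FROM data WHERE name = '$name'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Parameterised form: the SQL text is fixed and the value is bound separately,
// so no quoting or escaping of the value is needed.
function findPrepared(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare(
        'SELECT Name, Des, Url, about, date FROM data WHERE name = :name'
    );
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs standing in for $_GET['name']: a plain value, a value
// containing an apostrophe, and a value whose quotes alter the WHERE clause.
$inputs = ['facebook', "o'reilly", "x' OR '1'='1"];

foreach ($inputs as $name) {
    try {
        $concat = count(findConcatenated($pdo, $name)) . ' row(s)';
    } catch (PDOException $e) {
        $concat = 'SQL error';
    }
    $prepared = count(findPrepared($pdo, $name)) . ' row(s)';
    printf("%-16s concatenated: %-10s prepared: %s\n", $name, $concat, $prepared);
}
```

With the bound parameter every input is compared to the `name` column as a literal string, while the concatenated query either fails to parse or matches rows the caller did not ask for as soon as the input contains a single quote.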
