Pass variable in MySQL query

Question

I have a function that is working perfectly:

function listimages($session) {
  $db = JFactory::getDbo();
  $query = $db->getQuery(true);
  $query->select($db->quoteName(array('url_name', 'file_name')));
  $query->from($db->quoteName('#__webfoot_photo_studio_photos')); 
  $db->setQuery($query);
  $results = $db->loadObjectList();

return $results;              
}

Until I try to add the WHERE statement:

$query->where($db->quoteName('session' == '$session'));

'session' is the column in the database and $session is a value passed in through the function.

I get this error:

1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3 SQL=SELECT `url_name`,`file_name` FROM `p9e2i_webfoot_photo_studio_photos` WHERE 

Any suggestions or advice on fixing this syntax is truly appreciated. I've been unable to find the solution.

Answer 1

Try the following:

function listimages($session) {
    $db = JFactory::getDbo();
    $query = $db->getQuery(true);
    $query->select($db->quoteName(array('url_name', 'file_name')))
          ->from($db->quoteName('#__webfoot_photo_studio_photos'))
          ->where($db->quoteName('session') . ' = ' . $db->quote($session));
    $db->setQuery($query);
    $results = $db->loadObjectList();
    return $results;              
}

1. Removed the double == and used a single
2. Moved the = inside the quotes
3. Escaped the $session variable using $db->quote($session)
4. Your quoteName was incorrect so changed it around

Just remember that quote is used to escape values and quoteName is used for columns.

Whenever in doubt, always refer back to the Joomla Documentation for database queries as it provides some good examples:

http://docs.joomla.org/Selecting_data_using_JDatabase

Hope this helps