php mysql where clause not reading variable

Question

I am starting to get furious here

mysql_query don't recognize my variable $d1 even I tried to rename it

here is the code..

html:

<form action ="manageVessel.php" method ="POST">
  <select onchange ="this.form.submit();" class ="form-control" name ="ViewPositionCertificates">
      <option>Choose a Position </option>                                                       
      <?php
      $ViewPCertificates = mysql_query("SELECT * FROM table_cmsjob") or die("error" . mysql_error());
      while ($rwViewPCertificates = mysql_fetch_array($ViewPCertificates)) {
          ?>
          <option value =" <?php echo $rwViewPCertificates['jobName']; ?> "> <?php echo $rwViewPCertificates['jobName']; ?></option>  
      <?php } ?>

       </select>   
</form>

php:

   <?php if (isset($_POST['ViewPositionCertificates'])) { ?>
      <table class = "table table-bordered">
          <tr class ="bg-primary">
              <td> List of Certificates </td>
          </tr>
          <?php
          $d1 = $_POST['ViewPositionCertificates'];
          echo $_POST['ViewPositionCertificates'];
          $ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '$d1' ") or die("error" . mysql_error());

          while ($rwViewCertificatesFP = mysql_fetch_array($ViewCertificatesFP)) {

              echo "<tr>";
              echo "<td>" . $rwViewCertificatesFP['Certificate'] . "</td>";
              echo "</tr>";
          }
          ?>

      </table>




  <?php } ?>

MYSQL WHERE clause is working fine when I used a string for example

    mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  'MASTER' ") or die("error" . mysql_error());

but when I used a variable to assign $_POST['ViewPositionCertificates'] to a variable MYSQL WHERE clause doesn't read it any help?

Answer 1

<option value ="<?php echo $rwViewPCertificates['jobName']; ?>"> <?php echo $rwViewPCertificates['jobName']; ?></option>   // remove xtra spaces from here......

Remove spaces from value attribute

Answer 2

Try like this..

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".mysql_real_escape_string(trim($d1))."' ") or die("error" . mysql_error());

or

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".addslashes(trim($d1))."' ") or die("error" . mysql_error());

Answer 3

You can not write variables inside single quotes, if you write it then PHP will consider it as string. so your query will be
$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName = $d1 ") or die("error" . mysql_error());

for more help , please read variable interpolation in PHP

Answer 4

<?php if (isset($_POST['ViewPositionCertificates'])) { ?>
    <table class = "table table-bordered">
        <tr class ="bg-primary">
            <td> List of Certificates </td>
        </tr>
        <?php
        $d1 = $_POST['ViewPositionCertificates'];
        echo $_POST['ViewPositionCertificates'];
        $ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".$d1."' ") or die("error" . mysql_error());

        while ($rwViewCertificatesFP = mysql_fetch_array($ViewCertificatesFP)) {

            echo "<tr>";
            echo "<td>" . $rwViewCertificatesFP['Certificate'] . "</td>";
            echo "</tr>";
        }
        ?>
    </table>
<?php } ?>

Change in select query syntax use single quote.

Answer 5

Try this one:

mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  ".$_POST['ViewPositionCertificates'])

Answer 6

Try to change your query method it may help...

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".$d1."' ") or die("error" . mysql_error());