Comparing input data with data queried from database

Question

So when I tried to get one random row in database and store it into variables, it seems like I cannot reuse those variables for my next sql query as I was tried in these lines.

First I get one random row in database and store it into variables for later use

$mysqli = new mysqli($hostname, $username, $password, $dbname, $port) or die(mysqli_error($mysqli));
$sqlcompare = "SELECT * FROM questions order by rand() limit 1";
$result = mysqli_query($mysqli, $sqlcompare);
$row = mysqli_fetch_row($result);
$pos = $row[0];
$word = $row[1];

$pos is the id of that row $word is the data of that row.

Then I get user input and checking the database if there is a row both have the same id with $pos and the input word is the same as that row

$input = $mysqli->real_escape_string($_POST['input']);  
$sqlcheck = "SELECT * FROM questions WHERE word = $input AND id = $pos";
$sqlresult = mysqli_query($mysqli, $sqlcheck);
if (isset($_POST['compare'])) {
    if (mysqli_num_rows($sqlresult)>=1) {
        echo "Found that input";
    } else {
        echo "Not found";
    }
}

When I tried to retrieved word from database directly from user input, which only have one condition, the code work perfectly but when I add id condition in, it not working anymore. Any idea where I screw thing up?

Edit note: I just tried to echo $pos and $word and it work perfectly but somehow when I tried to put $pos varibale into sql to query, it does not working.

Answer 1

Use like instead of ( = ).

$input = $mysqli->real_escape_string($_POST['input']);  
$sqlcheck = "SELECT * FROM questions WHERE word LIKE '%".$input."%' AND id = $pos";
$sqlresult = mysqli_query($mysqli, $sqlcheck);

Mysql Like docs