Jump to content

help with mysql syntax

aliasnikhil

By aliasnikhil
in PHP Coding Help

 Share

Recommended Posts

aliasnikhil Newbie

aliasnikhil

Posted
Posted

i have created a table named 'masteruseraccounts' in mysql.it has fields : key(auto increment,int);name(varchar(50));idNo(varchar(12));password(varchar(50));mobileNo(varchar(10));email(varchar(50)).

i entered one row as follows:

key |    name            |      idNo            |  password    | mobileNo      |  email

1    |  nikhil upadhyay | 2009AAPS092H  | nikhil            |9505042041  |  aliasnikhil@gmail.com

 

and the idNo is the login name and is stored in a session variable($_SESSION['MM_Username']).i confirmed that the idNo is properly getting stored in session variable by using echo statement.i am also using the session_start().depending on this idNo i was trying to display the rest of information.so i tried to use the WHERE clause but in vain

here is my syntax

<?php
session_start();
mysql_select_db("mydb");
$userId = mysql_real_escape_string($_SESSION['MM_Username']);

$query = "SELECT * " .
"FROM masteruseraccounts".
"WHERE idNo = '$userId' ";


$results = mysql_query($query)
or die(mysql_error());

while ($row = mysql_fetch_array($results)) {
extract($row);
echo $idNo;
echo " - ";
echo $email;
echo " - ";
echo $mobileNo;
echo "<br>";

}

?>

 

it says "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= '2009AAPS092H'' at line 1"

 

instead if i do not use the where clause then it displays all info correctly.i even tried removing the single quotes around $userId.also tried the WHERE clause as( "WHERE idNo = " .$userId. ""; ) still it gives error.

 

i even tried hardcoding it with the WHERE statement as WHERE idNo = 2009AAPS092H but it doesnt work.putting quotes around 2009AAPS092H also doesnt help.

 

please i am pulling my hair out.someone help me.i thought there might be some different syntax for varchar types but i tried hardcoding the WHERE clause as (WHERE key = 1) this also gives error "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key = 1' at line 1" now this key field being int type i know it doesnt require quotes around it.

 

any help is very much appreciated.

Link to comment
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

@anupamsaha: Why do think you wouldn't need to escape a string just because it's in a $_SESSION var? What if the string contains quotes or apostrrophes?

 

@OP: The way the query is currently constructed, this is what it will echo:

"SELECT * FROM masteruseraccountsWHERE idNo = '$userId' "

Note there is no space before WHERE.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.