|
|
Posted by Jerry Stuckle on 08/30/06 22:26
nephish wrote:
> Andy Hassall wrote:
>
>>On 30 Aug 2006 14:14:27 -0700, "nephish" <nephish@gmail.com> wrote:
>>
>>
>>>can anyone tell me if this is legal php/mysql ?
>>
>> Did you try running it?
>>
>>
>>>i am trying to write a simple function to get a single stat from a
>>>single table.
>>>
>>>$field = 'phone_number';
>>>$customer = 'fred';
>>>
>>>$query = mysql_query("SELECT `'{$field}'` FROM `customers` WHERE `name`
>>>= '{$fred}' ");
>>>// note the back quotes around $field
>>
>> The single quotes inside the back quotes will break it.
>>
>>
>>>or is this an accident waiting to happen ?
>>
>> Probably, yes; depends where the data from the $field and $customer variables
>>comes from.
>>
>>
>>--
>>Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
>>http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
>
>
> thanks for the quick reply,
>
>> Did you try running it?
>
> yep, didn't work. i think the quotes did broke it it too. I got this:
> Warning: mysql_fetch_row(): supplied argument is not a valid MySQL
> result resource in
> yadda yadda.
> Tried it without the quotes and got a blank page.
> i dont get that because i know the values are there.
> so, will go ahead and make the individual queries.
>
> thanks for your time.
> sk
>
What does mysql_error() say when it fails?
ALWAYS check the results from a mysql call. In the case of mysql_query,
a return of false indicates an error in the query.
Try echoing the sql string before executing it - see if it's what you
think it is.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|