|
|
Posted by Justin Koivisto on 10/20/05 16:44
Mark wrote:
> Hello
>
> new to php, and a problem:
>
> $sContentId = $_GET["sContentId"];
>
> $db = mysql_connect("mysql.xxx.nl","xxx","xxx") or die ("Error");
>
> mysql_select_db("keyone", $db);
>
> // here is goes wrong
> $sql2 = "SELECT * FROM sContentTbl WHERE sContentId=$sContentId";
>
> echo $sql2."<br>";
>
> $producten = mysql_query($sql2);
> mysql_close($db);
>
> I do only want the (1) item out of the sContenTbl where the value is
> specified bij $sContentId. But i do get this:
>
> SELECT * FROM sContentTbl WHERE sContentId=\'6\'
>
> If i choose to do it like this (test):
>
> $sql2 = "SELECT * FROM sContentTbl WHERE sContentId=6";
>
> then it works fine.
>
> So what do i do wrong?
Before using $_GET['sContentId'] in the query, ensure that it is an
integer value without any quotes.
functions to help:
is_numeric
intval
if you need to find the number within the variable string value and of
these can help:
str_replace
substr
strpos
preg_match
preg_replace
--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com
[Back to original message]
|