0

I have a PHP page opened directly from a URL with params in it:
http://subdomain.domain.com/phppage.php?id=123456

The PHP page is supposed to execute a very simple SQL statement to retrieve a single data row based on the id variable. The SQL execution is done this way:

$id = $_REQUEST['id'];
$sql = "SELECT * FROM INCIDENTS WHERE ((INCIDENTS.ID) = $id);";
$result = mysql_query($sql);
if(!$result){
  die("Error: ".mysql_error());
}

I have run the statement directly on the database via phpMyAdmin (substituting "$id" for an actual number) and it returns the expected record.

When executing the PHP page, however I get this error:
Error: Unknown column '123456' in 'where clause'

I don't understand why it is doing this. Please help!

2
Contributors
2
Replies
3
Views
6 Years
Discussion Span
Last Post by MysticalNomad
0

In the SQL statement, it is treating $sql as a column because it isn't enclosed in single quotes. Add the single quotes and it should work.

0

Excellent! I corrected it to:

$id = $_REQUEST['id'];
$sql = 'SELECT * FROM INCIDENTS WHERE ((INCIDENTS.ID) = \''.$id.'\');';
$result = mysql_query($sql);
if(!$result){
   die("Error: ".mysql_error());
}

Works like a charm. Thanks for the insight!

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.