sql problem in php

Question

sql problem in php

Navigation

#1 by (1 votes)
#2 by (0 votes)

1

I have a problem in the trend of SQL in PHP

$where = '';
$sTable = "clientes";
$type = 'client(1);';
$usid = $_COOKIE['c_user'];
$where = "";;
if($_GET['q']!= "" ){
  $where.= " WHERE  fullname like '%$q%' AND user_id=1 ";
}
$where.="order by fullname desc";
$query_Dataclient = ("SELECT * FROM  $sTable $where LIMIT $offset,$maximo_pagina");
$Dataclient = mysql_query($query_Dataclient, $conexion) or die(mysql_error());
$row_Dataclient = mysql_fetch_assoc($Dataclient);
$totalRows_Dataclient = mysql_num_rows($Dataclient);

Error that comes out: In which says if($_GET['q'])!='') that if it works well the other nose does not work with AND ni WHERE error message You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND user_id = 1 LIMIT 0.7' at line 1

mysql php mariadb

asked by Mati 21.01.2017 в 21:23

source

2 answers

How not to copy the content that already exists in a file? How to Add the ID Attribute, by Jquery

score 1 · Answer 1

It happened to me once that when you put a variable in the string you did not recognize it, try the following:

$where = '';
$sTable = "clientes";
$type = 'client(1);';
$usid = $_COOKIE['c_user'];
$where = "";;
if($_GET['q']!= "" ){
$where.= " WHERE  fullname like '%".$_GET['q']."%' AND user_id=1 ";
}
$where.="order by fullname desc";
$query_Dataclient = ("SELECT * FROM  $sTable $where LIMIT $offset,$maximo_pagina");
$Dataclient = mysql_query($query_Dataclient, $conexion) or die(mysql_error());
$row_Dataclient = mysql_fetch_assoc($Dataclient);
$totalRows_Dataclient = mysql_num_rows($Dataclient);

score 0 · Answer 2

$sTable = "clientes";
$type = 'client(1);';
$usid = $_COOKIE['c_user'];
$q = mysql_real_escape_string($_GET["q"]);
$where = "";
if(isset($q)){
  $where= " WHERE  fullname like '%$q%' AND user_id=1 ";
}
$where.="order by fullname desc";
$query_Dataclient = ("SELECT * FROM  $sTable $where LIMIT $offset,$maximo_pagina");
$Dataclient = mysql_query($query_Dataclient, $conexion) or die(mysql_error());
$row_Dataclient = mysql_fetch_assoc($Dataclient);
$totalRows_Dataclient = mysql_num_rows($Dataclient);

When you use .= it means that you add values to the variable. In the first variable $where you did not have any value, which until then is fine, but within the declaration if you continued adding values to the variable. Another thing is that you did not have any value to the variable $q . I hope it works !. Greetings