What's wrong with this?

Problems with the Mac OS X version of XAMPP, questions, comments, and anything related.

What's wrong with this?

Postby timstring » 19. October 2010 03:57

When I run this query:

Code: Select all
$result = mysql_query("SELECT * FROM `Worksheet` WHERE `JobDate` = $_POST[`WorkDate`]");


MySQL responds with "Parse error: syntax error, unexpected '`', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /Applications/XAMPP/xamppfiles/htdocs/SummarySheet3.php on line 15"

Worksheet is the table, `JobDate` is a field in `Worksheet`, and 'WorkDate' is a user-inserted variable from the previous web page.

When I eliminate the ticks and quotes, using this query:

Code: Select all
$result = mysql_query("SELECT * FROM Worksheet WHERE JobDate = $_POST['WorkDate']");


MySQL responds with "Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /Applications/XAMPP/xamppfiles/htdocs/SummarySheet3.php on line 15"

When I try this:
Code: Select all
$result = mysql_query("SELECT * FROM `Worksheet` WHERE JobDate = '2010-10-15'");


the server drops the connection without returning anything.



Where's my error?

thanks
tim
"If builders built buildings the way that programmers write programs, the first woodpecker to come along would destroy civilization."
User avatar
timstring
 
Posts: 22
Joined: 17. September 2010 02:16

Re: What's wrong with this?

Postby OneEyedWillie » 30. October 2010 22:11

Try this:
Code: Select all
$result = mysql_query("SELECT * FROM `Worksheet` WHERE `JobDate` = '{$_POST['WorkDate']}'");
Keith

http://www.duvalltech.com/ - My web hosting company
http://www.bloodninja.org/ - Funny chat logs
User avatar
OneEyedWillie
 
Posts: 1
Joined: 30. October 2010 21:42
Location: Atlanta, GA

Re: What's wrong with this?

Postby sili » 31. October 2010 16:22

You REALLY should read about SQL injections!
sili
 
Posts: 67
Joined: 15. March 2003 16:05


Return to XAMPP for Mac OS X

Who is online

Users browsing this forum: No registered users and 5 guests