Home/ Questions/Q 5994231
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T23:47:20+00:00

EDIT: I had a typo in my original post….the issue is a bit more

  • 0
EDIT: I had a typo in my original post....the issue is a bit more complicated...i had a variable passed in not a raw string.

I want to print out stories from a mysql database that are specific to a certain person:
so i have code that is similar to:

$stuff ="jamie"
    $query = "SELECT * FROM person_stories WHERE person =$stuff";
    $result = mysql_query($query) or die ("didnt work");
    while($row = mysql_fetch_array($result))
    {
    echo "<a href = 'PersonStoryPage.php?pid=$row[id]'>" .$row['title']. " </a>";
    }

I keep on getting “didnt work” …I know that my table person_stories is empty but is this the same thing as an error? The table will obviously not always be empty so I need to be able to use this block of code to go about business.

Help is appreciated!

EDIT 2: The actual error is:

Unknown column 'jamie' in 'where clause'

This is bizzare since it shouldn’t be interpreting jamie as the column!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You didn’t put single quotes around jamie. Try this:

    $query = "SELECT * FROM person_stories WHERE person = 'jamie'"

    Edit:

    I see the post has been edited. It should now change from this:

    $stuff ="jamie"
$query = "SELECT * FROM person_stories WHERE person =$stuff";

    to something like this:

    $stuff ="jamie"
$query = "SELECT * FROM person_stories WHERE person='" . mysql_real_escape_string($stuff) . "'";

    This will not only solve your SQL syntax error, but also protect your app from a nasty SQL injection vulnerability.

    • 0