Home/ Questions/Q 8731731
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T09:18:16+00:00

I have some issue with a sql query using quotes with variables. (In general

  • 0

I have some issue with a sql query using quotes with variables. (In general I use “bind” so I don’t have this kind of problem). Here’s the query :

$myquery = mysql_query("SELECT * FROM mytable ORDER BY id ASC WHERE var='".$var."'");

The syntax seems not to be correct, can anybody help ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    well you can try something like this:

    $query = sprintf("SELECT * FROM mytable WHERE var='%s' ORDER BY id ASC",mysql_real_escape_string($var));
$result = mysql_query($query) or die("Error:" . mysql_error());

    Also note that ORDER BY is at wrong place.
    It is more readable and you don’t need to bother with single qoute concating.
    Also it is safe for mysql injection.
    Hope this helps!

    • 0