php - $_GET for MySQL query causing Unknown column error -

-

i have series of links pass information new page run mysql query. 1 of links source code:

<a class="bloglink" href="parknews.php?tpf_news.park_id=5">

and code generates links:

<a class="bloglink" href="parknews.php?tpf_news.park_id=<?php echo $row2['park_id'];?>"> <?php echo $row2['name']; ?> </a>

the query uses info here:

$park_id = $_get['tpf_news.park_id']; $sql = 'select headline, story, date_format(date, "%d-%m-%y") date, name tpf_news inner join tpf_parks on tpf_news.park_id = tpf_parks.park_id tpf_news.park_id = $park_id order date desc' ;

this causes error display:

error fetching news: sqlstate[42s22]: column not found: 1054 unknown column '$park_id' in 'where clause'

i can't work out why not working. if in query replace where tpf_news.park_id = $park_id where tpf_news.park_id = 6 (or other number), works fine.

any ideas?

when strings in quotes variables aren't interpolated. need use double quotes instead:

$sql = "select headline, story, date_format(date, '%d-%m-%y') date, name tpf_news inner join tpf_parks on tpf_news.park_id = tpf_parks.park_id tpf_news.park_id = $park_id order date desc" ;

or use concatenation:

$sql = 'select headline, story, date_format(date, "%d-%m-%y") date, name tpf_news inner join tpf_parks on tpf_news.park_id = tpf_parks.park_id tpf_news.park_id =' .  $park_id .' order date desc' ;

fyi, wide open sql injections


Comments

Post a Comment

Popular posts from this blog

java - Jmockit String final length method mocking Issue -

-
using jmockit 1.2 jar, trying mock string's length method getting unexpected invocation exception: failed: test java.lang.illegalstateexception: missing invocation mocked type @ point; please make sure such invocations appear after declaration of suitable mock field or parameter @ stringdemo.testa$1.<init>(testa.java:17) @ stringdemo.testa.test(testa.java:13) i using testng: @test public void test() throws exception { new expectations() { @mocked("length") string astring; { astring.length(); result = 2; } }; system.out.println(a.showa("test")); } } actual class a: public class { public static int showa(string str){ int a= str.length(); return a; } } this wrong way of recording expected results. shouldn't mock , record string's length() method, record showa() instead. here solution @suppresswarnings("unused...
Read more

asp.net - Razor Page Hosted on IIS 6 Fails Every Morning -

-
i have simple page in intranet uses razor/asp fetch single record table , display it, plus few graphic, dashboard display. meaning, no user intervention other first time open ie internal url. the problem having every morning ie displays "page not found or network error" message. refresh page, , it's stuck , doesn't display anything. try different pc, open ie internal url , it's stuck... ...until following: login server hosting page run inetmgr go web sites, etc right click on page that's giving me problem , select browse at moment, error message: server error in '/' application. -------------------------------------------------------------------------------- type of page not served. description: type of page have requested not served because has been explicitly forbidden. extension '.cshtml' may incorrect. please review url below , make sure spelled correctly. requested url: /application/dashboard.cshtml ---------------...
Read more

ios - Can NSManagedObject conform to NSCoding -

-
i need transfer single object across device. right converting nsmanagedobject dictionary , archiving , sending nsdata. upon receiving unarchiving it. transfer nsmanagedobject archiving , unarchiving instead of creating intermediate data object. @interface test : nsmanagedobject<nscoding> @property (nonatomic, retain) nsstring * title; @end @implementation test @dynamic title; - (id)initwithcoder:(nscoder *)coder { self = [super init]; if (self) { self.title = [coder decodeobjectforkey:@"title"]; //<crash } return self; } - (void)encodewithcoder:(nscoder *)coder { [coder encodeobject:self.title forkey:@"title"]; } @end nsdata *archivedobjects = [nskeyedarchiver archiveddatawithrootobject:testobj]; nsdata *objectsdata = archivedobjects; if ([objectsdata length] > 0) { nsarray *objects = [nskeyedunarchiver unarchiveobjectwithdata:objectsdata]; } the problem above code is. crashes @ self.title in initwithcoder sa...
Read more