0

I am starting to get furious here

mysql_query don't recognize my variable $d1 even I tried to rename it

here is the code..

html:

<form action ="manageVessel.php" method ="POST">
  <select onchange ="this.form.submit();" class ="form-control" name ="ViewPositionCertificates">
      <option>Choose a Position </option>                                                       
      <?php
      $ViewPCertificates = mysql_query("SELECT * FROM table_cmsjob") or die("error" . mysql_error());
      while ($rwViewPCertificates = mysql_fetch_array($ViewPCertificates)) {
          ?>
          <option value =" <?php echo $rwViewPCertificates['jobName']; ?> "> <?php echo $rwViewPCertificates['jobName']; ?></option>  
      <?php } ?>

       </select>   
</form>

php:

   <?php if (isset($_POST['ViewPositionCertificates'])) { ?>
      <table class = "table table-bordered">
          <tr class ="bg-primary">
              <td> List of Certificates </td>
          </tr>
          <?php
          $d1 = $_POST['ViewPositionCertificates'];
          echo $_POST['ViewPositionCertificates'];
          $ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '$d1' ") or die("error" . mysql_error());

          while ($rwViewCertificatesFP = mysql_fetch_array($ViewCertificatesFP)) {

              echo "<tr>";
              echo "<td>" . $rwViewCertificatesFP['Certificate'] . "</td>";
              echo "</tr>";
          }
          ?>

      </table>




  <?php } ?>

MYSQL WHERE clause is working fine when I used a string for example 

    mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  'MASTER' ") or die("error" . mysql_error());

but when I used a variable to assign $_POST['ViewPositionCertificates'] to a variable MYSQL WHERE clause doesn't read it any help?

Improve this question
2
  • $ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName = '{$d1}' ") or die("error" . mysql_error()); use this query and a pair of avice, please prefer mysqli over mysql Commented Dec 15, 2015 at 7:04
  • As nobody said it I'll say it. Please don't use mysql_* functions as they are deprecated and in the newly released PHP 7.0 deleted use mysqli or PDO instead. Also when handling user input use prepared statements otherwise your query is open for SQL injections Commented Dec 15, 2015 at 9:29

6 Answers 6

Reset to default
3 
<option value ="<?php echo $rwViewPCertificates['jobName']; ?>"> <?php echo $rwViewPCertificates['jobName']; ?></option>   // remove xtra spaces from here......

Remove spaces from value attribute

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks did not notice whitespace from value attribute
1

Try like this..

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".mysql_real_escape_string(trim($d1))."' ") or die("error" . mysql_error());

or 

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".addslashes(trim($d1))."' ") or die("error" . mysql_error());
Improve this answer

1 Comment

I think there is some special character in value of "$d1" variable. Try using with mysql_real_escape_string() or addslashes()
0

Try this one:

mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  ".$_POST['ViewPositionCertificates'])
Improve this answer

Comments

0 
<?php if (isset($_POST['ViewPositionCertificates'])) { ?>
    <table class = "table table-bordered">
        <tr class ="bg-primary">
            <td> List of Certificates </td>
        </tr>
        <?php
        $d1 = $_POST['ViewPositionCertificates'];
        echo $_POST['ViewPositionCertificates'];
        $ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".$d1."' ") or die("error" . mysql_error());

        while ($rwViewCertificatesFP = mysql_fetch_array($ViewCertificatesFP)) {

            echo "<tr>";
            echo "<td>" . $rwViewCertificatesFP['Certificate'] . "</td>";
            echo "</tr>";
        }
        ?>
    </table>
<?php } ?>

Change in select query syntax use single quote.

Improve this answer

2 Comments

thanks for the response :) but I already tried that so far wont work? I also tried to restart my apache and mysql but it still don't work
Don't you know how to vote? Or you just need an answer.
0

You can not write variables inside single quotes, if you write it then PHP will consider it as string. so your query will be
$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName = $d1 ") or die("error" . mysql_error());

for more help , please read variable interpolation in PHP

Improve this answer

3 Comments

Thanks for the response I already tried that but I keep getting an error Unknown column 'MASTER' in 'where clause' master is one of the rows in my database for column jobName
ok then please confirm 'MASTER' is column present in your MySQL table
please replace $d1 to ' " .$d1. " ' , I think it will solve your problem
-1

Try to change your query method it may help...

$ViewCertificatesFP = mysql_query("SELECT * FROM table_cmsjobassigning WHERE jobName =  '".$d1."' ") or die("error" . mysql_error());
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.