I am passing a PHP variable into an Oracle SQL query, but it's not taking it properly and is giving me ORA errors like "invalid character". I tried escaping the variable as \'$sid\'; this makes the error go away, but the query doesn't return anything. Is there a way to pass a PHP variable to an Oracle query?

if(isset($_POST['action']))
{
   $sid = $_POST['action'];
   $stid = oci_parse($conn, 'SELECT emp from table emp='$sid'');
   oci_execute($stid);
}

I have removed the database connection part for brevity.

  • First thing: fix your quotation marks. Change the outer ones to double quotes: "SELECT emp from table emp='$sid'" Commented Feb 9, 2016 at 12:55
  • I tried that too, but I'm still getting the error: oci_execute(): ORA-00911: invalid character in /opt/lampp/htdocs/process.php on line 28 Commented Feb 9, 2016 at 13:00
  • Try adding a semicolon at the end of your query. "SELECT emp from table emp='$sid';" Commented Feb 9, 2016 at 13:03
  • This doesn't work either. If I replace the variable with a static value, it works, e.g. $stid = oci_parse($conn, 'SELECT emp from table emp=\'sam\''); Commented Feb 9, 2016 at 13:09
  • Then I guess you should bind your PHP variable to an Oracle placeholder. See the Examples section here: php.net/manual/en/function.oci-bind-by-name.php Commented Feb 9, 2016 at 13:17

1 Answer

'SELECT emp from table emp=\'$sid\'' is a string that you pass exactly as it is to Oracle; this is why it doesn't work.

You need to use oci_bind_by_name to bind a placeholder to a PHP variable.

Example:

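$variable = 42;
// SQL passed to oci_parse must not end with a semicolon (it raises ORA-00911)
$stid = oci_parse($conn, 'SELECT col_name FROM tbl_name WHERE col_name > :num');
// Bind the PHP variable to the :num placeholder
oci_bind_by_name($stid, ":num", $variable);
oci_execute($stid);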
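
The binding approach from the answer applied to the question's handler, as an added example that is not part of the original question or answer. The table name emp_table, the column emp, the helper find_emp and the sample value are assumptions; it contrasts the interpolated string with the bound form, which also keeps request input out of the SQL text.

```php
<?php
// Added example: table "emp_table" and column "emp" are assumed names.

// 1. Interpolation: the value becomes part of the SQL text itself.
$sid = "O'Brien";                       // constructed sample input
$interpolated = "SELECT emp FROM emp_table WHERE emp = '$sid'";
// The quote inside the value ends the string literal early, so Oracle
// no longer parses the statement the way it was written.
echo $interpolated, PHP_EOL;

// 2. Bound form: the SQL text is constant and the value travels separately.
function find_emp($conn, string $sid): array
{
    // No trailing semicolon: OCI8 reports ORA-00911 for it.
    $sql  = 'SELECT emp FROM emp_table WHERE emp = :sid';
    $stid = oci_parse($conn, $sql);
    if ($stid === false) {
        throw new RuntimeException(oci_error($conn)['message']);
    }
    // Bound by reference, so $sid must still be in scope at execute time.
    oci_bind_by_name($stid, ':sid', $sid);
    if (!oci_execute($stid)) {
        $err = oci_error($stid);
        oci_free_statement($stid);
        throw new RuntimeException($err['message']);
    }
    oci_fetch_all($stid, $rows, 0, -1, OCI_FETCHSTATEMENT_BY_ROW | OCI_ASSOC);
    oci_free_statement($stid);
    return $rows;
}

// Usage in the question's handler ($conn is the existing OCI8 connection).
if (isset($_POST['action']) && isset($conn)) {
    foreach (find_emp($conn, (string) $_POST['action']) as $row) {
        // Unquoted Oracle column names come back upper-cased.
        echo htmlspecialchars((string) $row['EMP'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
    }
}
```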