Solved: MySQL Help

In PHP, should I use

Code:

mysql_query("SELECT something FROM table WHERE something=$something")

or should I add a ' before and after the variable I'm comparing like this:

Code:

mysql_query("SELECT something FROM table WHERE something='$something'")

?

 

If it is a string use the latter, otherwise use the former.

Also, unless you know what $something is you should escape it.

 

As always, thanks for your help.

 

Actually... you were wrong. Completely. And it took me about 2 hours to figure out how to fix it. If you're going to use a variable inside a MySQL command, it has to be surrounded in ' ' or it won't work properly.

 

Can you show me an example of what you mean?

 

Code:

$result = mysql_query("SELECT * FROM user WHERE username='$username'");

as opposed to:

Code:

$result = mysql_query("SELECT * FROM user WHERE username=$username");

 

Code:

mysql_query("SELECT something FROM table WHERE something='$something'")

Code:

mysql_query("SELECT something FROM table WHERE something=$something")

Umm... how did you misunderstand my post?

 

It's not a string.

 

Then using the former should work fine.

mysql_query("SELECT something FROM table WHERE something=1")

is a valid query.

 

I was comparing it to a variable.
You said to use no ' 's if it wasn't a string. A variable is not a string so I didn't use ' 's. That made sense to me too because Javascript and PHP interperate anything inside " " or ' ' to be a string. But, that's not the case.

No matter if it's a variable or not, it still needs ' 's.

 

I'm sorry but that is wrong.

Only strings need to be quoted.

 

No. You're wrong. In a mysql_query() you have to surround variables with ' 's or you'll get an error.

 

Wherever you are getting that from, its incorrect.

It works fine for me.

 

I got it from my page which works on that principal. I guess it's possible we're using different versions of PHP... but for me, the only way it will work is if I use ' 's.