YUSUF KIPROP YUSUF KIPROP - 6 months ago 10
SQL Question

Issue with my sql delete function

My page displays


You have an error in your SQL syntax. Check the manual that corresponds to your server version for the right syntax to use at line 2 near '$file'.


Help please..

Here is my code:

$file= $_session["note";
$sql="DELETE FROM {$_SESSION ["group"]}
WHERE file=$file";

Answer

Use quote for string value

 "DELETE FROM {$_SESSION["group"]}
  WHERE file='$file';"

or previous a proper sanitize of you var you can use string concatenation

 "DELETE FROM  "  .$_SESSION["group"] . 
  " WHERE file='" . $file "';"
Comments