Korne127 Korne127 - 5 months ago 9
MySQL Question

How to search in a mysql database with variables

Somebody can login. If he login, the entered password (decoded) will be compared with the right passwort (also decoded)
But if I make

$sql = "SELECT PasswordDecode FROM Userinformations WHERE Username = ".$Username;
foreach ($pdo->query($sql) as $row) {
$PasswordDecode = $row["Password decode"];
}


this error comes:


Warning: Invalid argument supplied for foreach() in ...


I don't understand. If the username is
DumbUsername
and I make

$sql = "SELECT PasswordDecode FROM Userinformations WHERE Username = DumbUsername";


No error happend and it works. But if I write the Username in a variable, it dowsn't work. Why?

Please answer.

Answer

Change your query, use quotes arround variable

  $sql = "SELECT PasswordDecode FROM Userinformations WHERE Username = '$Username'";