hammad rashid hammad rashid - 13 days ago 8
HTML Question

Alphabet letters are not querying from the the table

I have a table with column BarcodeID ( 1 2 3 asd) numerical values are working and I am getting the right output but alphabet letters are not working.
It gives me error


Unknown column 'asd' in 'where clause'


This is the code I am using for querying.

<?php

require '../db/connect.php';

$id= $_POST['id']; // your post variable
$sql = "SELECT BarcodeID, Items, Price FROM stockdata WHERE BarcodeID=".mysqli_real_escape_string($con,$id);

$result = mysqli_query($con,$sql)or die(mysqli_error($con));

if(mysqli_num_rows($result)>0)
{
while($row = $result->fetch_assoc())
{
echo "<tr><td>"." "."</td>" ."<td>". $row["BarcodeID"]."</td>"."<td>" ."Product: "."</td>" . "<td>".$row["Items"]."</td>" ."<td>" ." price: " ."</td>"."<td class='price'>". $row["Price"]."</td>"."</tr>";
}
}
else
{
echo "No results found";
}
mysqli_close($con);

?>

Answer

Change this:

$sql = "SELECT BarcodeID, Items, Price FROM stockdata WHERE    BarcodeID=".mysqli_real_escape_string($con,$id);

to this:

$sql = "SELECT BarcodeID, Items, Price FROM stockdata WHERE    BarcodeID='".mysqli_real_escape_string($con,$id)."'";

The magic happens in adding ' before and after your value: mysqli_real_escape_string($con,$id)

EDIT:

The reason why it worked with ' is because MySql cannot interpret a string value if you don't mark it as string. 'YOURVALUE' isn't doing more than saying "HEY! I am a string, so interpret me as a string!".

The reason why giving an integer only worked is because MySql can interpret any integer without marking them as so.

So your error occurred because it tried to interpret the string value "asd" without knowing it was a string.

Pretty basic stuff.

I hope I explained it well enough (not my native language).

Comments