php - SQL query with quotes doesn't return results -
i'm trying query sql database using pdo. there instances in there quotes in query.
function getpagebypagid($pagid) { $db = dbconnection(); $sql = "select * pages pagid='".$pagid."'"; $q = $db->prepare($sql); $q->setfetchmode(pdo::fetch_assoc); $q->execute(); $results = $q->fetch(); homecoming $results; } the function i'm using prepare sql still should work if $pagid has quotes in it. working when there aren't quotes, still isn't when there quotes. why isn't working?
p.s.: quotes aren't escaped or in database.
may causing have integer type of field , sending string seek with
$sql = "select * pages pagid='$pagid'"; or improve utilize placeholder (pdo standard)
function getpagebypagid($pagid) { $db = dbconnection(); $sql = "select * pages pagid= :pagid"; $q = $db->prepare($sql); $q->bindparam(':pagid', $pagid); $q->setfetchmode(pdo::fetch_assoc); $q->execute(); $results = $q->fetch(); homecoming $results; } php mysql pdo
No comments:
Post a Comment