2006/10/3, Charley Tiggs <lists@tiggs.net>:
> ben wilko wrote:
> > Hi Guys
> >
> > I am printing names into a combo box and posting the variable. I try and use the
> > name ($Sem) in an SQL statement; WHERE name = $Sem; but I get an error which is
> > displayed near the end of this message. Are we able compare php string to
> > postgresql character varying?? not sure how else to do the selection
> >
> >
> > $conn = pg_Connect("host=localhost dbname=#### user=#### password=####");
> > if (!$conn) {echo "An database connection error occurred.\n"; exit;}
> >
> >
> > // e.g. $Sem = "seminar one";
> >
> > $Sem = $_POST['Seminars'];
> >
> >
> > $Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name = $Sem");
> > if (!$SemNo) {echo "A query error occurred in retreiving the selected seminar's
> > ID <br>"; /*exit;*/}
> > $Sem_No = pg_Result($Sem_No, 0);
> >
I think you should try:
$Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name =\"$Sem\"");
OR
$Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name ='$Sem'");
OR
$Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name
='".$Sem."';";);
or something like this for escape "seminar one" with " " inside the sql query
But i look the table description you still compare a integer row with
a string row
try maki the query like this:
$Sem_No = pg_Exec($conn,"SELECT name FROM seminar WHERE name =
'$Sem'");
> > // Error Message
> >
> > *Warning*: pg_exec() [function.pg-exec
> > <http://www.citanalyst.com/jet/form/function.pg-exec>]: Query failed: ERROR:
> > syntax error at or near "one" at character 54 in
> > */home/bdwilko/public_html/jet/form/insertP.php* on line *56*
> > A query error occurred in retreiving the selected seminar's ID
> >
>
> Make sure that you're quoting the value you want to compare. At a quick
> glance, this where the error is:
>
> $Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name = $Sem");
>
> should be:
>
> $Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name =
> '$Sem'");
>
> To be more accurate, you should probabley do:
>
> $Sem = pg_escape ( $Sem );
> $Sem_No = pg_Exec($conn,"SELECT seminar_id FROM seminar WHERE name =
> '$Sem'");
>
> Charley
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
> choose an index scan if your joining column's datatypes do not
> match
>
Daniel Carrero Canales