I have a variable like this:
$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES (".$variabletest.");";
Afterwards, I need do this:
$querygo = mysql_query ($var);
Is this possible? How can I do this? Thank you.
3 Answers
Mysql query need ' ' with every string
$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES ('$variabletest')";
Comments
Try this
$var = "INSERT INTO
gaz_001rigdoc(id) VALUES ('".$variabletest."')";
2 Comments
Andrea php
It work man. Thank you. I have a very long variable and i don't remember the '' between the value. Thank you again!
VolkerK
In that case please have a read of docs.php.net/security.database.sql-injection (chances are you haven't considered it yet).
Ofcourse you could do that:
$variabletest = 123;
$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES ('$variabletest')";
$querygo = mysqli_query($con, $var);
Notice:
$conis a connection made variable in mysqli.
mysql_*API. usemysqli_*orPDOwith prepared statements$var = "INSERT INTOgaz_001rigdoc(id) VALUES ('".$variabletest."')";