Php SQL if field.value = '?' include page.php else

Question

Can anybody see what I am doing wrong here? I am trying to include a certain page depending on the value of a field in database.

I have 2 tables to check,

if username appears in table.1 and field.units = days inlcude days.php

if username appears in table.1 and field.units = hours inlcude hours.php

if username appears in table.2 and field.units = days inlcude days.php

if username appears in table.2 and field.units = hours inlcude hours.php

   $username = $USER->firstname.' '.$USER->lastname;

    echo $username;

    $is_academic_result = mysql_query('SELECT * from holiday_entitlement_academic where employee = '.$username.'');
    $is_business_result = mysql_query('SELECT * from holiday_entitlement_business_manual where employee = '.$username.'');

    if(mysql_num_rows($is_academic_result) > 0){
    while($is_academic = mysql_fetch_array($is_academic_result)) {
    if ($is_academic['units'] == 'days'){include('days.php');}
    else if ($is_academic['units'] == 'hours'){include('hours.php');}
    }
    }

    else if(mysql_num_rows($is_business_result) > 0){
    while($is_business = mysql_fetch_array($is_business_result)) {
    if ($is_business['units'] == 'days'){include('days.php');}
    else if ($is_business['units'] == 'hours'){include('hours.php');}
    }
    }

Answer 1

If your usernames really do contain   (which seems like a poor design), you are missing quotes around the $username in your query. As you have it now, there are syntax problems where you are leaving open a single quote at the end and not quoting the $username at all.

// Use double quotes on the string, and single around $username
$is_academic_result = mysql_query("SELECT * from holiday_entitlement_academic where employee = '$username'");
// Same thing...
$is_business_result = mysql_query("SELECT * from holiday_entitlement_business_manual where employee = '$username'");

These problems would be revealed if you did some error checking on the result resources:

if (!$is_academic_result) {
  // Query problem
  echo mysql_error();
}
// Same for the other query...

Answer 2

First of all, you don't need to do any of these operations in while loops, since there will only ever be one or zero results returned (you're checking the primary key, right?).

Secondly, your query isn't set up correctly - you're using single-quotes but never escaping them.

So, with that in mind, we do the following:

$is_academic_result = mysql_query('SELECT * from holiday_entitlement_academic where employee = \'' . $username . '\'');
$is_business_result = mysql_query('SELECT * from holiday_entitlement_business_manual where employee = \'' . $username . '\'');

if($is_academic = mysql_fetch_array($is_academic_result)) {
    switch($is_academic['units']) {
        case 'days':
            include_once('days.php');
            break;
        case 'hours':
            include_once('hours.php');
            break;
        default:
            break;
    }
} else if ($is_business = mysql_fetch_array($is_business_result)) {
    switch($is_business['units']) {
        case 'days':
            include_once('days.php');
            break;
        case 'hours':
            include_once('hours.php');
            break;
        default:
            break;
    }
}

PLEASE NOTE You should stop using mysql_* functions. They're being deprecated. Instead use PDO (supported as of PHP 5.1) or mysqli (supported as of PHP 4.1). If you're not sure which one to use, read this SO article.

EDIT If you're unsure where the problem lies, you can always echo your query to make sure you're passing what you think you're passing to the database (more often than not, when a query isn't working, it's either this, or your logic is bad).