Insert url value in mysql query

Question

I'm using the following string to get items from my database:

mysql_query("SELECT * FROM tracking WHERE track_id = '123' ");

I want to get the 123 from the url using a process similar to echo $_GET['id']; so when the url is "http://example.com/?id=456" the string will apear as below:

mysql_query("SELECT * FROM tracking WHERE track_id = '456' ");

Any help would be greatly appreciated.

Answer 1

As you already proposed...

mysql_query("SELECT * FROM tracking WHERE track_id = '<?php echo $_GET['id']; ?>' ");

or (since you are probably already in php)...

mysql_query("SELECT * FROM tracking WHERE track_id = '" . $_GET['id'] . "' ");

Answer 2

Try this one mysql_query("SELECT * FROM tracking WHERE track_id = '".$_GET['id']."' ");

Answer 3

mysql_query("SELECT * FROM tracking WHERE track_id = '".$_GET['id']."' ");

Answer 4

That'd be a possible approach.
Remember that mysql functions are deprecated (use mysqli instead) and don't forget to sanitize your input.

$id = $_GET['id'];
$id = mysqli_real_escape_string($id);

mysqli_query($db,"SELECT * FROM tracking WHERE track_id = '".$id."' ");