How to display the selected data in those fields php?

Question

I wrote the following code. It works when the primary key is integer. However when the primary key is String (which is what I need) it does not display the selected data in those fields. this is the code:

include("connection.php");
$equipId=$_GET["equipment_id"];
$conn = oci_connect($dbuname, $dbpwd,$db) or die("DB connection unsuccessful!");
$query= "SELECT * FROM EQUIPMENT WHERE EQUIPMENT_ID =".$_GET["equipment_id"];**

Can you please help me with this?

Can questions be closed on the grounds of "Bobby Tables" yet? — CD001, Jun 19 '15 at 14:39
What CD001 means is, you're [vulnerable to SQL Injection](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Fix it, or lose (or worse, leak) your database. — Clockwork-Muse, Jun 21 '15 at 11:08

score 0 · Answer 1 · answered Jun 19 '15 at 14:41

0

When writing a query all strings must be encased in quotes, you may use single or double quotes.

$query= "SELECT * FROM EQUIPMENT WHERE EQUIPMENT_ID ='".$_GET["equipment_id"]."'";

answered Jun 19 '15 at 14:41

Pancho Berrizbeitia

1
2

hi, this did not solved the problem. Thanks though. – user3746882 Jul 03 '15 at 15:25

score 0 · Answer 2 · answered Jun 19 '15 at 14:44

Short answer:

$query= "SELECT * FROM EQUIPMENT WHERE EQUIPMENT_ID ='".$_GET["equipment_id"] . "'";

Proper answer: please escape your inputs. I don't know that particular library you are using but I would advice using PDO or MySQLi

Here is s link that should be helpful: http://php.net/manual/en/function.oci-bind-by-name.php

How to display the selected data in those fields php?

2 Answers2