0

I am trying to execute the query below.

$condition = "WHERE emp_id = '$emp_id'"; 
$myquery = "SELECT * FROM emp_table".$condition;

I expect my query to be like this, but dynamically:

$myquery = "SELECT * FROM emp_table WHERE emp_id = '$emp_id'";

Is there anyway to make SQL statements dynamically through variables in php..?

intboolstring
  • 6,891
  • 5
  • 30
  • 44
Vilva Athiban
  • 1
  • 5
  • what's the error you getting? – Rahul Sep 19 '15 at 15:51
  • 2
    first, `myquery` is missing a `$`; second, it will read `... emp_tableWHERE ...`; third: what database library are you using? mysqli? PDO? What's your code? – Kenney Sep 19 '15 at 15:52
  • http://php.net/manual/en/language.operators.string.php – Danijel Sep 19 '15 at 15:52
  • http://php.net/manual/en/pdo.prepare.php < this might help – BlitZ Sep 19 '15 at 15:52
  • thanks for the replies but nothing turned out.. :( – Vilva Athiban Sep 19 '15 at 16:08
  • Looks like there's not enough info in the question to solve the mystery. So, please elaborate... – VolkerK Sep 19 '15 at 16:17
  • Look at the expanded SQL string (`var_dump($myquery, __FILE__.__LINE__);`) and try it in an 'SQL IDE ' (phpmyadmin) is fine. It should work exactly the same there as in PHP. If it isn't clear what is happening then please post the complete code you are using to execute this SQL statement. – Ryan Vincent Sep 19 '15 at 18:00

3 Answers3

1

It should be 

$condition = "WHERE emp_id = '$emp_id'"; 
$myquery = "SELECT * FROM emp_table ".$condition;

you forgot to put $ on myquery

KennethC
  • 746
  • 2
  • 10
  • 27
0

Have you tried this? - 

$condition = "WHERE emp_id = '" . $emp_id . "'"; 
$myquery = "SELECT * FROM emp_table " . $condition;

PHP does not expand variables within single-quote strings.

echo "$name"; //works

echo '$name'; //does not work

Take a look at this: Single quotes or double quotes for variable concatenation?

Community
  • 1
  • 1
Sterex
  • 1,026
  • 1
  • 13
  • 29
  • Sterex, I tried but still its the same.. helpless :( – Vilva Athiban Sep 19 '15 at 16:09
  • Where are you getting the error? And what is the error? – Sterex Sep 19 '15 at 16:20
  • its not including the variables in SQL statement, i get error in $myquery, – Vilva Athiban Sep 19 '15 at 16:57
  • Hey @Multi-Coder, although I hate linking to W3Schools, here's something that will help you get started with PHP/MySQL (looks like you are VERY new to this): http://www.w3schools.com/PHP/php_mysql_select.asp Can you try using their syntax for preparing and executing your queries? – Sterex Sep 20 '15 at 08:29
  • hi.. thanks for ur response.. :) .. i am not new and i knew what all were there.. my problem is different.. example : i need a query = "select * from table" .. but i am spliting is as two variables.. $var1= "Select * ", $var2 = "from query". and finally, i execute my query as $myquery = $var1.$var2; .. But its not working – Vilva Athiban Sep 21 '15 at 17:20
0

You should never build queries dynamically like that. Correct way to do it is to use prepared statements.

In your case it'll be like that

$statement = $pdo->prepare("SELECT * FROM emp_table WHERE emp_id = :emp_id");
$statement->execute(array(
    ':emp_id' => $emp_id
));

$rows = $statements->fetchAll(PDO::FETCH_ASSOC);
Elon Than
  • 9,603
  • 4
  • 27
  • 37
  • Hi elon, I dont need to include variable in WHICH clause.. My requirement is, depending on the input, the WHERE clause itself is to be included r excluded.. ex) if emp-id is blank, then it should not include the condition emp_id = $emp_id – Vilva Athiban Sep 19 '15 at 16:13
  • You should include that in your question. – Elon Than Sep 19 '15 at 16:14
  • Sorry for that, but my example stated that.. may be you dnt have a look – Vilva Athiban Sep 19 '15 at 16:56