0

Goog morning all

I have a problem with my code visibly

here it is :

<fieldset>
 <?
 if(isset($_POST['requete']) && $_POST['requete'] != NULL){
  include "connexion.inc";
  $reponse = $bdd->query('SELECT id_piece, piece 
  FROM tbl_piece 
  WHERE piece = '.$requete.' ');
  while($donnees = $reponse->fetch()){
   echo $donnees['id_piece'];
  }
 }
 else{
  echo $requete;
 }
 ?>         
 <form method="post" action="standard.php">
 <input type="text" name="requete">
 <input type="submit" value="Rechercher">
 </form>
 </fieldset>

When i enter a things like " TL081 " in my webpage in the textbox then validate

i take this error :

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1' in /home/libtronic/www/html/standard.php:48 Stack trace: #0 /home/libtronic/www/html/standard.php(48): PDO->query('SELECT id_piece...') #1 {main} thrown in /home/libtronic/www/html/standard.php on line 48

After some search, my problem come from this => '.$requete.' i try to put .$requete. or '".$requete."' or else but didn't work

Someone could help me please ?

Khaleesi
  • 1
  • 1

1 Answers1

1

Try by replacing the line

$reponse = $bdd->query('SELECT id_piece, piece 
FROM tbl_piece 
  WHERE piece = '.$requete.' ');

with 

$reponse = $bdd->query("SELECT id_piece, piece 
  FROM tbl_piece 
  WHERE piece = '".$requete."'");
MKB
  • 777
  • 1
  • 9
  • 27