Alpha Numeric values xcannot be retrieved in PHP

Question

I am currently working on this project. Data can be retrieved from database with this code, if certificateNumber is numeric, but it does not search person if certificateNumber field has alphanumeric data.

Where am I wrong with this?

<?php
$flag = 0;
$reg=$_REQUEST["cerf"];
echo ($reg);
$con = mysqli_connect('localhost','neoncom_db','12345','neoncom_std');
$qur = 'select * from student where  certificateNumber = '.$reg;
$check = mysqli_query($con,$qur);
while($row=mysqli_fetch_array($check))
 {
  if($reg==$row["certificateNumber"])
  {
    $flag++;
    $first = $row["first"];
    $last=$row["last"];
    $num = $row["certificateNumber"];
    $name = $first ." ".$last;
    $course = $row["course"];
    $date = $row["signupDate"];
    echo($row["certificateNumber"]);
    echo($row["first"]);
    echo($row["last"]);
    }
    }

if(count==0)
{
echo("NOT FOUND");
}
?>

score 0 · Accepted Answer · edited May 23 '17 at 11:53

0

You need to encapsulate $reg in quotes. So your query string $qur should be like this:

$qur = "select * from student where  certificateNumber = '" . $reg . "'";

Sidenote: Learn about prepared statement because right now your query is susceptible to SQL injection attack. Also see how you can prevent SQL injection in PHP.

edited May 23 '17 at 11:53

Community

1
1

answered Feb 26 '17 at 09:53

Rajdeep Paul

16,887
3
18
37

Alpha Numeric values xcannot be retrieved in PHP

1 Answers1