SQL query condition in where

Asked Feb 11 '20 at 19:26

Active Feb 11 '20 at 19:26

Viewed 31 times

I have a request like this.

"SELECT * 
FROM st_items
WHERE item_id < " . $_POST['id'] . "
AND item_board=" . $_POST['board'] . "
ORDER BY item_id
DESC LIMIT {$itemLoad_limit}"

WHERE item_id < " . $_POST['id'] . " It works as it should.

But when I add AND item_board=" . $_POST['board'] . "

I have a Fatal error.

Uncaught exception 'PDOException' with message 'SQLSTATE[42S22]: Column not found: 1054 Unknown column '' in 'where clause''

Can you help me figure out what the problem might be?

asked Feb 11 '20 at 19:26

RNufnrjM95

2

*Never* munge query strings with literal values. *Always* use parameters! – Gordon Linoff Feb 11 '20 at 19:27
Examine the actual query you're executing, not the code which generates the query. Additionally, the proposed duplicate shows you how to correctly use query parameters in PDO, preventing this kind of thing from happening in the first place. – David Feb 11 '20 at 19:29

0 Answers0