SQLSTATE[42S22]: Column not found: 1054 Unknown column 'ABC' in 'where clause' (SQL: SELECT * FROM daycares WHERE city = ABC)

Question

Im calling this controller method from a search field. I need to check wether the entered value exists in city, state or zip fields in the database. But I'm getting the above error. How to resolve this?

  public function search_x(Request $request)
{
    $value = $request->input('search_daycare_zip');

    $data1 = DB::select('SELECT * FROM daycares WHERE city = '.$value.'');
    $data2 = DB::select('SELECT * FROM daycares WHERE state = '.$value.'');
    $data3 = DB::select('SELECT * FROM daycares WHERE zip = '.$value.'');

    if($data1 != null){
        return view('daycare.daycares')->with('daycares',$data1); 
    }else if($data2 != null){
        return view('daycare.daycares')->with('daycares',$data2); 
    }else if($data3 != null){
        return view('daycare.daycares')->with('daycares',$data3); 
    }else{
        return view('daycare.no_daycare');
    }
    // return 'done';
}enter code here

why don't u use eloquent builder, your code easily cause sql-inject. — TsaiKoga, Apr 14 '20 at 09:00
$data = DB::table('daycares')->where('zip', $value); like this? — harinsamaranayake, Apr 14 '20 at 09:07
this is query-builder, but it is ok. And you forgot the `->get()` to get datas from db. — TsaiKoga, Apr 14 '20 at 09:15

score 0 · Answer 1 · answered Apr 14 '20 at 09:03

0

As TsaiKoga said, your Code is vulnerable for SQL injections and the usage of a proper SQL builder should be prefered. Besides that - i guess you are missing " around your value in the SQL string.

answered Apr 14 '20 at 09:03

Andy May

1
3

SQLSTATE[42S22]: Column not found: 1054 Unknown column 'ABC' in 'where clause' (SQL: SELECT * FROM daycares WHERE city = ABC)

1 Answers1