variable in SQL query - PHP MYSQL

Question

I have 2 variable holding dates. I am getting a syntax error in the SQL statement when I use the variables.

$from_date = '2013-02-13';
$to_date = '2013-02-20';
$query="SELECT * FROM mytable where datex >= ".$fromdate." AND datex <= ".$todate.";

Help me identify and correct this syntax error?

Thanks.

jeroen · Accepted Answer · 2013-02-18 17:23:23Z

6

You need to quote your variables:

$query="SELECT * FROM mytable where datex >= '".$fromdate."' AND datex <= '".$todate." . "'";

But it would be better to use a prepared statement with bound variables. Then your query could look like (PDO):

$query="SELECT * FROM mytable where datex >= :fromdate AND datex <= :todate";

answered Feb 18, 2013 at 17:23

jeroen

91.8k22 gold badges117 silver badges132 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Dean Sambuca Newstead · Accepted Answer · 2013-03-22 17:37:04Z

0

im doing something similar would this be the correct way to do it ?

  <?php
  include 'connect.php';

  $id1 = $_POST['PatientID']; //Text box the user searches in
  $result = mysqli_query($con,"SELECT * FROM PatientRecords WHERE PatientID= '".$id1."'");
  while($row = mysqli_fetch_array($result))

answered Mar 22, 2013 at 17:37

Dean Sambuca Newstead

95 bronze badges

Collectives™ on Stack Overflow

variable in SQL query - PHP MYSQL

2 Answers 2

Comments

Comments

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

Comments

Comments

Related