PHP Variable in mysql_query

Question

I have a variable like this:

$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES (".$variabletest.");";

Afterwards, I need do this:

$querygo = mysql_query ($var);

Is this possible? How can I do this? Thank you.

You should not use the deprecated mysql_* API. use mysqli_* or PDOwith prepared statements — Jens
– Jens, Commented Sep 25, 2015 at 10:07
Add single quotes arround the value $var = "INSERT INTO gaz_001rigdoc(id) VALUES ('".$variabletest."')"; — Jens
– Jens, Commented Sep 25, 2015 at 10:08

Abhishek Sharma · Accepted Answer · 2015-09-25 10:15:08Z

2

Mysql query need ' ' with every string

$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES ('$variabletest')";

answered Sep 25, 2015 at 10:15

Abhishek Sharma

6,6241 gold badge17 silver badges20 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Chintan Mathukiya · Accepted Answer · 2015-09-25 10:10:11Z

1

Try this

$var = "INSERT INTO gaz_001rigdoc(id) VALUES ('".$variabletest."')";

answered Sep 25, 2015 at 10:10

Chintan Mathukiya

3935 silver badges26 bronze badges

It work man. Thank you. I have a very long variable and i don't remember the '' between the value. Thank you again!

In that case please have a read of docs.php.net/security.database.sql-injection (chances are you haven't considered it yet).

DirtyBit · Accepted Answer · 2015-09-25 10:11:43Z

1

Ofcourse you could do that:

$variabletest = 123;

$var = "INSERT INTO `gaz_001rigdoc`(`id`) VALUES ('$variabletest')";

$querygo = mysqli_query($con, $var);

Notice: $con is a connection made variable in mysqli.

answered Sep 25, 2015 at 10:10

DirtyBit

16.8k5 gold badges37 silver badges56 bronze badges

Might have been something fancy I didn't know about ;)

@Epodax Ahh, I see what you did there ;)