Results 1 to 2 of 2

Thread: Compare string to mySQL db with PHP

  1. #1
    Join Date
    Apr 2014

    Compare string to mySQL db with PHP

    I'm trying to pass a string with a AJAX Post to a PHP script and then find the string in a mySQL database, any idea what I'm doing wrong?

    Heres the top of the AJAX:

    				url: "pick.php", 
    				type: "post", 
    				data: {video_id: vid_id },
    (vid_id) is the string var

    And heres the PHP:

    if (isset($_POST['video_id'])) {
    		$id = ($_POST['video_id']);
    		$text_result = mysql_query("SELECT * FROM `wmtwDB` WHERE `url` LIKE (" . $id . ") LIMIT 1");
    Any ideas where I'm going wrong?

  2. #2
    Join Date
    Mar 2005
    Behind you...
    As far as I know, table names and column names do not get placed in quotes in a query, so that could be the issue here.
    Also, I can't say I've ever seen parentheses used in a LIKE statement, so I'm not really sure if it's allowed or necessary.
    Lastly, it looks like you are setting the $id variable as a number, or at least trying to parse it that way. I'm not really sure that using the LIKE command for integer or numeric fields works, or at least would be advised. It appears to be applied to the url field in your database though, and I assume that's not a numeric field, thus the $id variable should be a string (and wrapped in single quotes in your query). And because I assume you're searching a full URL in that field for a specific id, you would also need to use the % wildcard.

    So, in conclusion, my suggestions give you something like this:
    PHP Code:
    if(isset($_POST['video_id'])) {
    $id $_POST['video_id'];
    $text_result mysql_query("SELECT * FROM wmtwDB WHERE url LIKE '%" $id "%' LIMIT 1");

    And one final note would be about using mysql_query() (and all related functions). You should update to mysqli (link1 or link2) or PDO (link) as they are more secure and will continue to be supported for a while. In the current version of PHP (5.5) the original mysql functions were removed and thus your code will stop working if the server you are on updates their version of PHP. And again there is also the potential security issues that can arise from using the old functions.
    "Given billions of tries, could a spilled bottle of ink ever fall into the words of Shakespeare?"

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center