Simple PHP MYSQL query problem

Johannes Moolman

Hi guys Im struggling with something small. i am watching tutorials on PHP and MYSQL but since the video and now SQL syntax changed. please check my query if the syntax is correct, it worked fine until i inserted my variable $uh.... not sure if im missing quotes or something. any help will be appreciated.

Unhealthy Healthy

'; } } } } ?>

Jochen Arndt

Your question is meanwhile 10 days old but this might still help.

Quote:

i am watching tutorials on PHP and MYSQL but since the video and now SQL syntax changed

Don't use videos for learning programming. Most of them are of poor quality and some are telling you even wrong. Use books or web tutorials and read the official documentation for the used languages and functions (PHP: PHP Manual - Manual[^] and the documentation of the used database).

$uh=strtolower($_GET['uh']);
if($uh=='u'||$uh=='h'){

Never use == for string comparison. Use === or PHP: strcmp - Manual[^] to check for identity to avoid type juggling (see PHP: Comparison Operators - Manual[^]). Always check for error return values and print error messages. This is especially useful with mysqli functions during development because you will get meaningful database error messages that help you finding syntax error in SQL query strings:

if ($result=mysqli_query($link, $sql)) {
if (mysqli_num_rows($result)) {
// Process rows here
}
else {
echo 'no results';
}
}
else {
printf("SQL error: %s\n", mysqli_error($link));
}

Because $uh is a string and the healthy_unhealthy field probably too or a single character, you should enclose the value in single quotes in the query string:

$sql = "SELECT food,calories FROM food WHERE healthy_unhealthy = '". $uh . '" ORDER by id";

SiFinances

You should also escape variable

$_GET

- security...