where子句中的未知列

Question

This script is supposed to retrieve the CustomerID for the Customer_First_Name and Customer_Last_Name that has been entered into a form.

$query  = "SELECT CustomerID FROM customer WHERE Customer_First_Name = `.$db_customer_first_name.` AND Customer_Last_Name = `.$db_customer_last_name.`";
$result = mysql_query($query)
or die(mysql_error());
echo $result;
echo $query;

when the script runs I get this error:

Unknown column '.Christopher.' in 'where clause'

the query is never printed on the screen.

any help is appreciated.

Answer 1

您的报价不好用'而不是'

Answer 2

使用'代替remove`

$query  = "SELECT CustomerID FROM customer WHERE Customer_First_Name = '".$db_customer_first_name."' AND Customer_Last_Name = '".$db_customer_last_name."'";

Answer 3

You have to use single quotes for strings. Try again:

$query  = "SELECT CustomerID FROM customer WHERE Customer_First_Name = '".$db_customer_first_name."' AND Customer_Last_Name = '".$db_customer_last_name."'";

Answer 4

This should work:

$query  = "SELECT CustomerID FROM customer WHERE Customer_First_Name = '$db_customer_first_name' AND Customer_Last_Name = '$db_customer_last_name'";

You need to use normal single quotes for values. Also you don't need to break the string if you're using double quotes - variables are detected within the string.

Make sure you're also correctly escaping your strings for mysql to prevent injection.

Better still, look at moving to mysqli and using prepared statements.