PHP SQL 查询之谜

Question

This headache of a sql massage thrwos no error, but the $zvv variable is not being inserted properly in the query, it is like affecting the result as if it is "" nothing BUT it does have a valid string value, but it is not getting into the query.

See any problem with this sql?

$sqlQuery = " SELECT * FROM tbl_staff WHERE status =' "   .  $zvv .  " ' limit 
" . ($lowerLimit) . " ,  " . ($perPageCount) . " ";

Answer 1

Try this:

"SELECT * FROM tbl_staff WHERE status='$zvv' LIMIT 
    $lowerLimit , $perPageCount ";

Should do the trick.

Answer 2

You have spaces in your concatenation. Also if you use double quotes, the content of the variable will be printed out.

$sqlQuery = "
     SELECT * 
     FROM 
        tbl_staff 
     WHERE 
        status ='$zvv' 
      LIMIT 
        $lowerLimit , $perPageCount ";

Answer 3

You have spaces in your query:

$sql = " SELECT * FROM tbl_staff WHERE status =' "   .  $zvv .  " ' limit " . ($lowerLimit) . " ,  " . ($perPageCount) . " ";
                                           -----^           -----^

So if $zvv has a value of 'abc' you're using it in the query as status=' abc ' which, because of the spaces, isn't the same. Cleaned up result, this is how I prefer to write it:

$sqlQuery = "SELECT * FROM tbl_staff 
             WHERE status='".  $zvv ."' 
             LIMIT ". $lowerLimit.",".$perPageCount;

Answer 4

Thanks, got 2 birds with one stone here, some of this oughta work better than my current query, and prepared statements seem like a good permanent way to get past wrestling characters with this trial and error approach and that more safely from SQL injection risk.

That error was holding up the rest of the routine in a deceptive manner where it seemed to work until I looked closer, as this is the first time I messed with AJAX and pagination.

This advice oughta save some real sql-roulette headache time immensely in the future, it is pretty finicky but I understand why now.

Thanks everyone.