How do I use a user's input as 1 of the arguments for an sql function?
Question
*This is a simplified version of the code
I have a query
SELECT func('123', x, '789');
where X is dependent on the user's input into a text box;
I tried
$result = pg_query($conn, "SELECT func('123', _GET['x'], '789')");
where x is retrieved from
<form method="get">
x: <input type="text" name="x"><br/>
<input type="submit">
</form>
however, this doesn't seem to work. Also, does the position of the PHP within the html make a difference?
Here is the entire code:
<!DOCTYPE html>
<html>
<body>
<?php
$string_connection = "host=localhost port=5432 user=myname dbname=mydb";
$conn = pg_connect($string_connection);
$result = pg_query($conn, "SELECT get_champ('123', $_GET['x'], '789')");
while ($row = pg_fetch_row($result)) {
echo "$row[0]";
echo "<br/>\n";
}
?>
<form method="get">
End Date: <input type="text" name="x"><br/>
<input type="submit">
</form>
</body>
</html>
1 answers
solution1
1 ACCPTED 2014-03-31 07:11:29
Edit
Use:
$x = $_GET['x'];
then use ($conn, "SELECT get_champ('123', '$x', '789')")
$string_connection = "host=localhost port=5432 user=myname dbname=mydb";
$conn = pg_connect($string_connection);
$x = $_GET['x'];
$result = pg_query($conn, "SELECT get_champ('123', '$x', '789')");
while ($row = pg_fetch_row($result)) {
echo "$row[0]";
echo "<br/>\n";
}
and if it's an int , use $x = (int)$_GET['x'];
Original answer
name"x" missing = change to name="x"
also, either use $_GET['x'] or {$_GET['x']}
$result = pg_query($conn, "SELECT func('123',{$_GET['x']}, '789')");
and
<form method="get">
x: <input type="text" name="x"><br/>
<input type="submit">
</form>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.