I am passing a PHP varibale into a oracle sql query. but its not taking it properly giving me ORA errors like - invalid character. I tried escaping the varibale as \\'$sid\\', this makes error go, but the query doesnt return anything. Is there a way to pass PHP variable to oracle query
if(isset($_POST['action']))
{
$sid = $_POST['action'];
$stid = oci_parse($conn, 'SELECT emp from table emp='$sid'');
oci_execute($stid);
}
I have removed to the database connection part for brevity.
'SELECT emp from table emp=\\'$sid\\''
is a string that you pass exactly as it is to Oracle, this is why it doesn't work.
You need to use oci_bind_by_name
to bind a placeholder to a PHP variable.
Example:
$variable = 42;
$stid = oci_parse($conn, 'SELECT col_name FROM tbl_name WHERE col_name > :num;');
oci_bind_by_name($stid, ":num", $variable);
oci_execute($stid);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.