I have the following code
if(isset($_POST['submit']) || isset($_POST['mon']) || isset($_POST['yer']) ||
isset($_POST['acty'])) {
$mon = $_POST['mon'];
$yer = $_POST['yer'];
$acty = $_POST['acty'];
}
$str = "SELECT pty, SUM(`PW`) as Total
FROM heal
WHERE mon='$mon'
AND yer='$yer'
GROUP BY pty";
how can i pass the variable $acty
into this: SUM('PW')
....That is SUM('$acty')
exactly as you said.
$str = "
SELECT
pty,
SUM($acty) as Total
FROM
heal
WHERE
mon='$mon' AND
yer='$yer'
GROUP BY
pty";
You can have variables inside double quotes and php will give you its contents.
Side Note: Your code is open for SQL Injection, you must need to prevent your code with SQL injection. Some useful links:
How can I prevent SQL injection in PHP?
Are PDO prepared statements sufficient to prevent SQL injection?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.