so I have a mysql query that looks like this.
$copy = mysql_query("SELECT `id` FROM `brain` WHERE `id` = '$user_screen_name' && '$posts['title']'");
I want the query to search for the id that is in the table where screen name and post title strings are matched and put the found id in a variable. How would I do this?
分享 First, some warnings:
Please stop using mysql_* functions. These extensions have been removed in PHP 7. Learn about prepared statements for PDO and MySQLi and consider using PDO, it's really pretty easy.
Little Bobby says your script is at risk for SQL Injection Attacks.. Even escaping the string is not safe!
To fix your query you need a separate AND condition for each item you want to filter against:
WHERE `id` = '$user_screen_name'
AND `title` = '$posts["title"]'
Without seeing your table layout it would be hard to go much further but if you want the id in a variable you would do this after the query:
$row = mysql_fetch_array($copy);
Once done, $row['id'] will be the variable containing the id.
分享
