0

This is really weird.

This query obviously works:

$query = mysql_query("SELECT * FROM restaurant_page WHERE title LIKE '%$search_title%'");

But, this doesn't:

$category = 'restaurant_page';

$query = mysql_query("SELECT * FROM '$category' WHERE title LIKE '%$search_title%'");

With the second query, I get the resource boolean error.

$category is table the user wants to search from. When I print out the query with the variable, it's the exact same as the first one. Why wouldn't this work?

Improve this question
3
  • I hightly doubt "it's the exact same as the first one". Commented Nov 16, 2011 at 19:22
  • 1
    Make sure you sanitize your input. xkcd.com/327 Commented Nov 16, 2011 at 19:23
  • 1
    Got is guys. Thanks. It was ticks. I was thinking INSERT VALUES. Uggg... That was dumb. Commented Nov 16, 2011 at 19:25

7 Answers 7

Reset to default
2

Does the query created with the variable have quotes areound the table name? That seems like a mistake to me.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Don't use single quotes around your table name, use backticks (`) instead:

$query = mysql_query("SELECT * FROM `$category` WHERE title LIKE '%$search_title%'");

NB. Please make sure that $category and $search_title are not plain user provided variables

Improve this answer

Comments

1

in the mysql query, don't put quotes around $category.

$query = mysql_query("SELECT * FROM $category WHERE title LIKE '%$search_title%'");
Improve this answer

Comments

1

Remove the single quotes from '$category'.

"SELECT * FROM '$category' WHERE title LIKE '%$search_title%'"
---------------^^^^^^^^^^^^

If needed, surround $category with backticks. This is only necessary if $category contains a MySQL reserved keyword. However, since it is a variable that could become a possiblity.

$query = mysql_query("SELECT * FROM `$category` WHERE title LIKE '%$search_title%'");

Of course, please don't forget to escape $category since it may be user input. We assume you have already done so for $search_title as well.

$category = mysql_real_escape_string($category);
Improve this answer

Comments

0

Why have you got quotes around $category - remove these and it should work.

Improve this answer

Comments

0

You should always seperate the variables from the actual string. Do something like this:

$category = "restaurant_page";

$query = mysql_query("SELECT * FROM `".$category."` WHERE title LIKE
'%".$search_title."%'");
Improve this answer

Comments

0

LOL. This makes my day. remove the quote on the $category. Im sure this is just a funny mistake. All of us made some mistake. hehe

To solve this change the ' to " 

$query = mysql_query("SELECT * FROM ".$category." WHERE title LIKE '%$search_title%'");
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.