Fetching data from mySQL Database using PHP - Not working

I am trying to fetch data from a database but it seems not to work.

This is the code:


// Check if date already exists in the database
$searchQuery = "SELECT * from services WHERE 'date' = '".$newDate."'";
	// echo $searchQuery;

$search = mysql_query($searchQuery);
$row = mysql_fetch_array($search);

echo $row['date'];

When I echo the $searchQuery to check the syntax it is correct. I have copied and pasted it into phpMyadmin and run the query there and the result is found. However, for some reason it will not display on the web page. I don’t know if this matters but when I run the query in phpMyAdmin - It says “Showing rows 0 - 0 ( 1 total, Query took 0.0007 sec)” - Does this matter?

What could be wrong?

no, you didn’t, this query will not work in phpmyadmin either, not the way you wrote it here

‘date’ is a string

date is a qualified column name

look carefully, there’s a difference :slight_smile:

Ok - Thanks. That’s working now.
Perhaps you can help me with something else SQL Related… same project…

I am collecting data from a form to insert into the database. This is how I fetch the data from the form:


$originalDate = $_POST['date'];
$newDate = date("Y-m-d", strtotime($originalDate));
$howmany = $_POST['howmany'];
$musicContemp = $_POST['music_contemp'];
$musicReg = $_POST['music_reg'];
$minister = $_POST['minister'];
$topic = $_POST['topic'];
$desc = $_POST['desc'];
$forum = $_POST['forum_topic'];
$presenter = $_POST['presenter'];
$forumDesc = $_POST['forum_desc'];
$religious = $_POST['religious_ed'];

And this is how I build my query:


$query = "INSERT INTO services (
date,
number,
musicians_reg,
musicians_con,
minister,
topic,
topic_desc,
forum, presenter,
forum_secr,
religious)
VALUES (
'" . $newDate . "',
'" . $howmany . "',
'" . $musicReg . "',
'" . $musicContemp . "',
'" . $minister . "',
'" . $topic . "',
'" . $desc . "',
'" . $forum . "',
'" . $presenter . "',
'" . $forumDesc . "',
'" . $religious . "')
";

$update = mysql_query($query);
if (! $update) exit(mysql_error());
else echo '
<div class="result-header">
<span class="result-header">Sunday Services Form</span><br />
</div>
<div class="result">
The details have been updated and will now appear on the website.
</div>
';
return $update;

I need to know where in that code I use mysql_real_escape_string to make sure special characters entered into the form are escaped. When somebody enters something like “Let’s see if this works” the query fails because it isn’t escaped. I know I need to mysql_real_escape_string the values but I don’t know where to put it.

sorry, what you’re asking is only tangientially related to sql, it’s actually a php question, and i’m sorry, i don’t do php

pokes nose in, smelling PHP related stuff

mysql_real_escape_string may be used around any string (or variable) once the database connection has been established; however, the mysql_ library in PHP is being deprecated, and it is strongly advised you switch to mysqli_ or PDO, and in doing so, also change your query formation to use prepared statements; this will eliminate the need for escaping strings, as well as make your code more secure.