0

I have a SQL statement that doesn't seem to be working. I've spent over an hour asking how to show what the statement looks like. Example:

$result = mysql_query("SELECT * FROM myTable WHERE id=$my_id AND status=$active");

Now all I need to do is view what the actual SQL is passed so I imagine it looks like this:

SELECT * FROM myTable WHERE id=2 AND status=4

I know this is probably super simple, but the keywords I'm searching are not bringing back the answers. I've tried print_r, echo $result, mysql_fetch_array, etc., and it's not really getting what I need. Can someone put me out of misery and tell me how I can get back the hour of my life I just wasted?

4
  • echo "SELECT * FROM myTable WHERE id=$my_id AND status=$active"? Commented Aug 12, 2012 at 12:54
  • 3
    Warning: your code may be vulnerable to SQL injection attacks. Commented Aug 12, 2012 at 12:54
  • 3
    As stated in the introduction to the PHP manual chapter on the mysql_* functions: This extension is not recommended for writing new code. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API. Commented Aug 12, 2012 at 13:03
  • Thanks guys, I'm new to PHP and MySQL and this is the basics I learned, so does this mean I have to recode my whole site, or is it just where there are MySQL queries? Any good resources for a newbie to make this transition and learn about mysqli or PDO, and for a newbie which is better? Commented Aug 12, 2012 at 16:13

3 Answers

2
// Cast both values to integers so only numeric values reach the query text
$sql = 'SELECT * FROM myTable WHERE id='.intval($my_id).' AND status='.intval($active);
$result = mysql_query($sql);
echo $sql;

2 Comments

This may introduce SQL injection attacks.
Yeah, it depends on whether the status is a string or int, of course. The best thing would be to use PDO and do prepared statements, but it doesn't seem that that's what's being used.
1

Just echo it.

echo "SELECT * FROM myTable WHERE id=$my_id AND status=$active";


0
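// $link is the connection returned by mysqli_connect(); escaped values must sit inside quotes
$sql = "SELECT * FROM myTable WHERE id='".mysqli_escape_string($link, $my_id)."' AND status='".mysqli_escape_string($link, $active)."'";
$result = mysqli_query($link, $sql) or die(mysqli_error($link)." Query:".$sql);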

Use mysqli instead of mysql because mysql is deprecated Link.
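
The comments above recommend PDO prepared statements. As an added example (not code from any poster in this thread), the following shows how to see what is sent to the database when values are bound instead of interpolated. It assumes PDO with an in-memory SQLite database so it runs offline; `debugQuery` is a hypothetical helper name and the table rows are constructed sample data.

```php
<?php
// Added example: PDO prepared statement with query logging.
// Assumption: SQLite in memory stands in for MySQL; only the DSN would change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data standing in for myTable.
$pdo->exec('CREATE TABLE myTable (id INTEGER, status INTEGER, name TEXT)');
$pdo->exec("INSERT INTO myTable VALUES (2, 4, 'wanted'), (3, 4, 'other'), (5, 1, 'inactive')");

/**
 * Hypothetical helper: run a parameterised query and log the statement
 * text together with the bound values. With prepared statements the SQL
 * text and the data travel separately, so this pair is the "actual query".
 */
function debugQuery(PDO $pdo, string $sql, array $params): array
{
    $stmt = $pdo->prepare($sql);
    foreach ($params as $name => $value) {
        // Bind integers as integers, everything else as strings.
        $type = is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR;
        $stmt->bindValue($name, $value, $type);
    }
    $stmt->execute();
    // Write to the error log rather than the page: query text shown to
    // visitors discloses table and column names.
    error_log('SQL: ' . $stmt->queryString . ' | params: ' . json_encode($params));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$sql = 'SELECT * FROM myTable WHERE id = :id AND status = :status';

// Ordinary input.
$rows = debugQuery($pdo, $sql, [':id' => 2, ':status' => 4]);
echo count($rows), " row(s) for id=2\n";

// Constructed hostile-looking input: it is bound as a single value, so it
// cannot add an OR clause to the statement the way string interpolation would.
$rows = debugQuery($pdo, $sql, [':id' => '2 OR 1=1', ':status' => 4]);
echo count($rows), " row(s) for id='2 OR 1=1'\n";
```

The logged statement text is identical for both calls; only the parameter list differs, which is the property that keeps user input out of the SQL grammar.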
