Query works fine in phpmyadmin returns 0 rows when ran from php

Question

I'm really stumped by this. Here is the php:

Update: I have escaped the inputs (before I did this a different way, but didn't know about mysql_real_escape_string). Also, I replace the double quotes with single quotes, yet the same problem is happening. Below is the updated code:

$request = mysql_real_escape_string($_POST['id']);
$colName = mysql_real_escape_string($_POST['col_name']);

function executeAssoc1($q)
{
    $r = mysql_query($q) or die(mysql_error() . ' ' . $q);
    $rass = mysql_fetch_assoc($r);
    return $rass;
}

foreach(array_keys($_POST) as $pitem)
{

    if($pitem == (...what I want it to...))
    {
        $pitem_name = mysql_real_escape_string(rawurldecode($pitem));

        $qf = "SELECT * FROM possible_values WHERE table_id=$request AND col_name='$colName' AND value = '$pitem_name'";
        $qfr = executeAssoc1($qf);
        var_dump($pitem_name);
        echo '<br>';
        var_dump($qf);
        echo '<br>';
        var_dump($qfr);
    }

}

Here is part of what that code outputs during one loop:

string(37) "1 .New England (Northeast region)"
string(122) "SELECT * FROM possible_values WHERE table_id=3 AND col_name='DIVISION' AND value = '1 .New England (Northeast region)'"
bool(false)

Now when I copy that query into the phpmyadmin SQL editor it does actually return a result. I even tried using LIKE "%...%" as suggested in here but the same thing happens (phpmyadmin returns a row, php returns 0 rows).

Answer 1

you should use single quotes instead of double quotes, ie:

SELECT * FROM possible_values WHERE table_id=3 AND col_name='DIVISION' AND value = '1 .New England (Northeast region)'

Answer 2

Double quotes are not allowed for strings in SQL, as they are used for identifiers (like MySQL uses the backtick '`'). I think MySQL allows them for strings with some settings, but you shouldn't use them.

Technically that should return an error, so I don't think that's your problem.

What could be your problem is that you're using the old mysql extension, which may not support your mysql version.

Answer 3

Might be a typo, but

table_id=$request

should have quotes around it:

table_id='$request'

Answer 4

From the manual on rawurldecode():

Note: rawurldecode() does not decode plus symbols ('+') into spaces. urldecode() does.

if you output your mySQL query, I bet your strting will look something like this:

1+.New+England+(Northeast+region)

try urldecode() as the manual entry suggests.