views:

44

answers:

4

Hi!

i'm trying to use the statement like of sql but unfortunately I get an error every time I use the query. In a php file I have:

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria 
    FROM Productos WHERE Nombre LIKE \"%$a%\"";

but i get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"%THE VALUE OF A%\"' at line 1

If i try the same statement on phpmyadmin i don't have any error. Why with php I get this error?

Thanks!

+3  A: 

Use single quotes in your LIKE string instead (I believe phpMyAdmin magically converts that to single quotes for you before running the query):

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria FROM Productos WHERE Nombre LIKE '%$a%'";

Make sure you've escaped $a using mysql_real_escape_string() too, because it might be breaking your queries by introducing unescaped quotes!

BoltClock
what's wrong with double quotes?
Col. Shrapnel
double quotes under php are used for Literal chars, so `"hey $username"` would convert username into its value, but `'hey $username'` would not.. it would literally print out `$username`. I believe that this is the same with mysql, there a separation of string containers to make it easy for the user to specify what to be parsed, such as escape chars etc.
RobertPitt
@RobertPitt you are wrong. there is nothing nearly similar in mysql. Both quotes are equal in every way.
Col. Shrapnel
I should of consulted the docs first. +1
RobertPitt
@Col. Shrapnel: I don't know, PHP's MySQL extension just acts that way.
BoltClock
BoltClock nope, MySQL extension acts ether way. should of consulted the docs first as that dude just said.
Col. Shrapnel
A: 
$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria 
    FROM Productos WHERE Nombre LIKE \"%"+$a+"%\"";
oneat
A: 

Try:

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria FROM Productos WHERE Nombre LIKE '%$a%'";

Some SQL queries will croak if you don't use apostrophes as the string delimeter

Rowland Shaw
What queries? Got an example?
Col. Shrapnel
@Col Depends entirely on the whether you've got ANSI_QUOTES set: http://dev.mysql.com/doc/refman/4.1/en/server-sql-mode.html#sqlmode_ansi_quotes
Rowland Shaw
A: 

WOW how fast are you guys! Thanks a lot for your help. Finally with your answer I was sure that this part of my code was correct and when Bolt said me that I have to use 'mysql_real_escape_string' I realized that in this variable I didn't use it but what it's more, I used after defining all the query. I change 'mysql_real_escape_string' from all the query to only my variable a and all gone well!

Thanks! :D

Eureka
That's what I suspected.
Col. Shrapnel