My code:

$fileid = $_GET['imgid'];
$fileid = (int)$fileid; //id is int type in photos table

require 'database.php';

//get the image source name

$q = "SELECT src form photos WHERE id='$fileid'";
$result = $mysqli->query($q) or die(mysqli_error($mysqli));

if ($result) 
{
    $row = $result->fetch_object();
    $filename = $row->src;
}

ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'photos WHERE id='12'' at line 1

+6  A: 

You have FROM misspelled. Try:

$q = "SELECT src FROM photos WHERE id='$fileid'";

In addition, while not related to this syntax error, note that your code appears to be vulnerable to SQL Injection.

Daniel Vassallo
how come it is vulnerable?
Col. Shrapnel
it only appears to be, until you look at line 2 ;)
Mchl
@Col: Oops, you're right. Didn't notice it's being cast to an `int`.
Daniel Vassallo
@Col. Yep the cast to int will prevent that whether by accident or design.
Martin Smith
Yep, my bad :) ... fixed the answer.
Daniel Vassallo
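A worked example, added here and not code from the question or the answer, showing what the `(int)` cast on line 2 actually does to a hostile `imgid`, and the prepared-statement form that does not depend on a cast at all (so the same pattern also covers string parameters). It assumes the same `photos` table with an integer `id` and a string `src`, and a `$mysqli` connection created by `database.php`; the `photoSrc` function and the "ids are positive" rule are assumptions for the example.

```php
<?php
// Added example, not the asker's code. Assumes a `photos` table with
// columns id INT and src VARCHAR, and $mysqli provided by database.php.

// What the (int) cast does to hostile input: PHP keeps the leading digits
// and discards the rest, so the payload never reaches the query text.
var_dump((int)"12' OR '1'='1");   // int(12)
var_dump((int)"abc");             // int(0): non-numeric input becomes 0, not an error

// Without the cast the same input closes the quoted literal and the query
// becomes   SELECT src FROM photos WHERE id='12' OR '1'='1'
// which matches every row instead of one.

// Preferred: a prepared statement. The value is sent separately from the
// SQL text, so no input can change the structure of the query.
function photoSrc(mysqli $mysqli, $imgid): ?string   // hypothetical helper
{
    $fileid = (int)$imgid;        // keep the type check; it rejects garbage early
    if ($fileid <= 0) {
        return null;              // assumption: ids in this schema are positive
    }

    $stmt = $mysqli->prepare("SELECT src FROM photos WHERE id = ?");
    if ($stmt === false) {
        // Log the driver error server-side; do not echo it to the visitor.
        error_log($mysqli->error);
        throw new RuntimeException('database error');
    }
    $stmt->bind_param('i', $fileid);   // 'i' binds the placeholder as an integer
    $stmt->execute();
    $stmt->bind_result($src);
    $found = $stmt->fetch();           // true when a row was read, null when none
    $stmt->close();

    return $found ? $src : null;
}

require 'database.php';

$filename = photoSrc($mysqli, $_GET['imgid'] ?? '');
if ($filename === null) {
    http_response_code(404);
    exit;
}
// $filename now holds the src of the requested photo
```

Two points worth keeping in mind when reusing the original snippet: the cast only protects this one integer parameter, so any string parameter added later (a filename, a caption search) needs a bound parameter rather than interpolation; and `or die(mysqli_error($mysqli))` prints the raw driver error to the visitor, which is exactly how the message quoted in the question exposes the table name and the `WHERE id='12'` fragment. Logging the error and returning a generic response keeps that detail out of the page.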