php sql query


#1

[php]function option($qno,$opt,$ye,$se,$ba)
{
global $count;
$connect=mysqli_connect(“localhost”,“root”,"",‘eval’)
or die (“Connection to the server could not be established”);
$result=mysqli_select_db($connect,“eval”)
or die (“Database could not be selected”);
$sqlquery=“select count(*) from response where qno=”.$qno.“and t1=”.$cnt. “and sems=” .$se." and years =".$ye. “and batchs=”.$ba. ;
$result=mysqli_query($connect,$sqlquery) or die(“Query cannot be executed”);
$row=mysqli_fetch_row($result);
echo $row[0];
}[/php]
I am trying to access count of record satisfying above condition

here sems and batch are varchar variable, qno, t1,years are int variable
call option(1,8,$YEAR,$SEM,$BATCH);

here error in select count(*) querry
Please help


#2

Dropping variables into sql statements like that is hazardous. Using prepared statements is what you want to do…

If you were NOT doing string concatenation, you would probably see the problem.


#3

my doubt is how to do the concatnation of string and integer varible
here in my sql querry qno $optand years and are integers and batchs, sems are varchar() variables
I want a query like

select count(*) from response where qno=1 and t1=10 and sems =“Second” and years=2017 and batchs="C " ;
this will work as qsl as as needed. But when writing the coresponding php code it is not working
I do not know how to connect integer and strings

[php]function option($qno,$opt,$ye,$se, $ba)
{
global $count;

$connect=mysqli_connect(“localhost”,“root”,"",‘eval’)
or die (“Connection to the server could not be established”);
$result=mysqli_select_db($connect,“eval”)
or die (“Database could not be selected”);

$sqlquery='select count(*) from response where qno=.$qno.and t.$count=.$opt and sems =."$se". and years=.$ye and batchs=."$ba" ’ ;

function option($qno,$opt,$ye,$se,$ba)
{
global $count;
$connect=mysqli_connect(“localhost”,“root”,"",‘eval’)
or die (“Connection to the server could not be established”);
$result=mysqli_select_db($connect,“eval”)
or die (“Database could not be selected”);
$sqlquery='select count(*) from response where qno=.$qno.and t.$count=.$opt and sems =."$se". and years=.$ye and batchs=."$ba" ’ ;
$result=mysqli_query($connect,$sqlquery) or die(“Query cannot be executed”);
$row=mysqli_fetch_row($result);
echo $row[0];
}[/php]
I am trying to access count of record satisfying above condition

here sems and batch are varchar variable, qno, t1 ,years are int variable
call option(1,8,$YEAR,$SEM,$BATCH);

here error in select count(*) querry
Please help

[php]
$result=mysqli_query($connect,$sqlquery) or die(“Query cannot be executed”);
$row=mysqli_fetch_row($result);
echo $row[0];
}[/php]


#4

The answer is, you don’t. You use a prepared statement and let it handle the variables for you. Then you retrieve the value.