URL Variable for SQL table name

Hi all,

Anyone have an idea how to use URL Variable($table) for a SQL statement table name?

for example , my Database storing tables cdr01 , cdr02 ,cdr03 - cdr12

if from 1 passed “cdr01”($table) to form 2 , then form 2 will get $table and use for the sql statement table name , so the sql statement should be “select * from cdr01 where…”

Thank you.

Brgds/Brandon Chau

If you’re using basic mysql and not PDO then you can simply use the variable for the table name placement in the sql statment. Always a good idea to surround any table name with backticks too.
$table = mysql_real_escape_string($_GET[‘table’]);
mysql_query(“SELECT * FROM $table WHERE …”);[/php]

Hi ,

Thank you for sharing .

I have used the code as below and it works.

$result=mysql_query(“select * from $_GET[table][tr][td]”);
while($row = mysql_fetch_assoc($result)) {
echo $row[‘id’];

Hi ,

I don’t understand why it gets error “Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\WebForm\CCreportresult.php on line 12”

My code as below.

8 <?php
9 include(’…/Connections/LocalDB.php’);
10 $table = mysql_real_escape_string($_GET[‘table’]);
11 $result=mysql_query("SELECT * FROM $table");
12 while($row = mysql_fetch_assoc($result)){
13 echo $row[‘id’];
14 }
15 ?>

It would indicate that either $table holds no value or the value is not actually a table name in your db.
Replace this line and see what error it shows.
[php]$result=mysql_query("SELECT * FROM $table") or die(mysql_error());[/php]

Thank you for the reply.

it said No database selected

but i see the URL variable ?table=cdr201301 passed successfully and i have created a table cdr201301 in DB , may i know why it happens ?
Thank you

Brgds/Brandon Chau

Hi again,

now it said Table ‘atl. cdr201301’ doesn’t exist

atl is the DB name
cdr201301 is the table name

I input cdr201301 at form 1 and submitted , so i supposed it should pass cdr201301 only, but why it pass atl. cdr201301?
Thank you for the help.

Brgds/Brandon Chau

Sponsor our Newsletter | Privacy Policy | Terms of Service