I need proper syntax/procedure for inserting a variable into a SELECT query...

Hello All,

Here's what I want to do:

Take this - $sql = 'SELECT name FROM galleries WHERE spec = XYZ'

where XYZ is a variable passed down from a query string.

What is the proper syntax/procedure for placing a variable in the above statement? I'm trying everything I can think of to no avail.

For what it's worth, I'm using MySQLi.

Thanks in advance for any help you can offer!

Sincerely,

wordman

I don't know MySQLi, but I would try something like this:

$sql = 'SELECT name FROM galleries WHERE spec = ' + XYZ

Phil,

Thank you for the prompt answer. It's still not working though, so here is the exact code I am using:

//get data from query string
$_SERVER['QUERY_STRING'];
$spec = $_GET['ct'];

//includeMySQL connector function
if (! @include('includes/connect.php')) {
echo 'Sorry, database unavailable';
exit;
}

//create a connection to MySQL
$conn = dbConnect('query');

// prepare query
$sql = 'SELECT g_name FROM galleries WHERE g_spec = ' + $spec ;

// submit the query
$result = $conn->query($sql) or die(mysqli_error());

// extract the first record as an array
$row = $result->fetch_assoc();

Dreamweaver won't preview it on my local test server which tells me something is not right with the code.

Any and all help would be immensely appreciated.

Very sincerely,

wordman

Quit looking, I found it.

This is the part that I was missing. I found it on a php developer forum and just tested it...works perfect!

$sql = "SELECT g_name, g_desc FROM galleries WHERE g_spec = '$spec%' " ;

What I didn't know was that I had to surround the variable in quotes and add the % at the end. Now, I can pull the data from my DB however I like and it works.

I wanted to post this here in case anyone else had a similar hitch.

Many thanks to everyone here for your help!

Cheers,

wordman