On Jun 16, 2014, at 9:58 PM, Ethan Rosenberg <erosenberg@xxxxxxxxxxxxxxxxxxxx> wrote: > Dear List - > > I have the following code: > > The input from the form is a 10 digit string [1234567890] which is converted to phone number format [123-456-7890] > > $phn = $_POST[phone]; > $phn = (string)$phn; > $dsh = '-'; > $Phn = $phn[0].$phn[1].$phn[2].$dsh.$phn[3].$phn[4].$phn[5].$dsh.$phn[6].$phn[7].$phn[8].$phn[9]; > echo $Phn; // this is folded by Thunderbird. In the script, it is //all on one line > > mysql_real_escape_string($Phn); > $sql1 ='select Lname, Fname from Customers where Phone = $Phn '; > echo $sql1; //this always shows $phn as Phn and not as a numerical //string. > $result1 = mysqli_query($cxn, $sql1); > > TIA > > Ethan > Well, from first glance you're combining mysql and mysqli. Don't know if that is wise or permissible since I think mysql has been depreciated. Go with mysqli. Next you may want to try... $sql1 = 'SELECT Lname, Fname FROM Customers WHERE Phone = '.$Phn; Best, Karl DeSaulniers Design Drumm http://designdrumm.com > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php