`` shouldn't react the same as ''. If it does though, maybe try using them but putting your variables outside the quotes: $query = "SELECT `" . $field_name . "` FROM `classifieds` WHERE `" . $field_name1 ."` = '" . $field_value1 . "' AND `" . $field_name2 . "` ='" . $field_value2 . "'"; And check what the other poster said about the "SELECT FROM" with no value for $field_name. This is going to be something really simple and basic. -TG = = = Original message = = = Thanks - but it doesn't work `` interprets the literal value $field_name as the column name and not its contents "trans_type". Warning: mysql_query() [http://www.mysql.com/doc]: Unknown column '' in 'field list' in C:\apache2triad\htdocs\sunlakes\test3.php on line 83 Unknown column '' in 'field list' -----Original Message----- From: tg-php@xxxxxxxxxxxxxxxxxxxxxx [mailto:tg-php@xxxxxxxxxxxxxxxxxxxxxx] Sent: Tuesday, May 22, 2007 10:57 AM To: php-windows@xxxxxxxxxxxxx Cc: mark@xxxxxxxxxxxxxxxxxxxxxxxx Subject: Re: Query Syntax - WHERE fieldname1='fieldvalue1'ANDfieldname2='fieldvalue2' Couple of things.. I'm not sure (and too lazy to look it up) if something like "category" is a reserved word, but you can try enclosing your field/table names in backticks (? whatever they're called.. the single quote looking character on the tilde) SELECT * FROM `classifieds` WHERE `trans_type` = 'For Sale' AND `category` ='Boats' or... $query = "SELECT `$field_name` FROM `classifieds` WHERE `$field_name1` = '$field_value1' AND `$field_name2` ='$field_value2'"; Making sure your variables always have values. As mentioned, echoing out your $query to see what it translates to can be very useful. Last thing is to make sure your variables don't contain characters that, unescaped, can screw up your query. Stuff like apostrophes and such. Best way to do this, and ensure some level of security, is to use mysql_real_escape_string(). I don't usually use variables for my field and table names, but I'm guessing you can use this function (and that it's recommended to do so anytime you use a variable in your SQL) for those as well as values. $field_name = mysql_real_escape_string($field_name); $field_name1 = mysql_real_escape_string($field_name1); $field_value1 = mysql_real_escape_string($field_value1); $field_name2 = mysql_real_escape_string($field_name2); $field_value2 = mysql_real_escape_string($field_value2); $query = "SELECT `$field_name` FROM `classifieds` WHERE `$field_name1` = '$field_value1' AND `$field_name2` ='$field_value2'"; Or do it inline or write a function wrapper to make it easier to read or however you want to do it. Operation precedence shouldn't be an issue. I usually run into that when dealing with an "OR" situation as well as "AND"s. Since you have a really basic AND-only situation, you shouldn't have to worry about parens. Maybe that'll help a little. If not, write back with some of your echo'd SQL $query stuff. -TG ___________________________________________________________ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
