I have a query against the v$session view in Oracle that works fine until I use a where clause that uses a variable.
As you will see in the code at the end of this post I issue the following query:
'select sid,serial#,username,osuser from v$session where sid = $sid'
If I change the $sid to say an actual sid in the database, the query works.
I've tried changing the single-quotes around the select statement to double-quotes & then escaping the $ with \ & that doesn't work either. Below is the error I receive when using the variable in the query.
By the way I know that the variable which is passed from another page is working because I have echoed it on the same page were the error occurs.
Warning: OCIStmtExecute: ORA-00911: invalid character in /var/www/html/db/kill_session.php on line 14
$conn = OCILogon("system","jacmar00","test");
$stmt = OCIParse($conn, 'select sid,serial#,username,osuser from v$session where sid = $sid');
if ($stmt == false)
echo OCIError($conn);
OCIExecute($stmt);
$nrows = OCIFetchStatement($stmt,$results);
if ( $nrows > 0 ) {
print "<TABLE BORDER=\"1\">\n";
print "<TR>\n";
while ( list( $key, $val ) = each( $results ) ) {
print "<TH>$key</TH>\n";
}
print "</TR>\n";
for ( $i = 0; $i < $nrows; $i++ ) {
reset($results);
print "<TR>\n";
while ( $column = each($results) ) {
$data = $column['value'];
print "<TD>$data[$i]</TD>\n";
}
print "</TR>\n";
}
print "</TABLE>\n";
} else {
echo "No data found<BR>\n";
}
print "$nrows Records Selected<BR>\n";
Thanks,
Jason Martin
