Using Session Variables in SQL Statements

klycette

I've been able to access my session variables through $_POST['variablename'] but I'm wondering how to encorporate them into SQL statements. Can you use them directly or do they have to be passed to another variable? This is what I have:

$result = mysql_query("select * from employers where username = $_SESSION['valid_user']");

And this is the error that I get:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING

Am I missing quotes or something else? Thanks in advance.

dvd871

Try it this way:

$username = $_SESSION['username'];

$result = mysql_query("SELECT * FROM employers WHERE username='$username'") of die(mysql_error());

klycette

Yep, that seems to work. I was wondering if I'd have to create another variable or just use it as it was, but maybe I missed a quote or something. I just ended of passing it to a variable called $valid_user, since $username is the name given to another variable. Thanks.