select statement?

lukeurtnowski

I'm trying to run a query on a username with a ' ' in it (Jamie Ann), heres my code

	SELECT userid, filename, username
	FROM photoplog_fileuploads
	WHERE moderate = 0
	AND username = '.$Name. '
	ORDER BY RAND()
	LIMIT 5

This query only returns something if the username is 1 word (how do I get it to use a possible 2 word username?)
Thanks...

Sxooter

What does that query look like if you print it out?

bradgrafelman

lukeurtnowski wrote:
how do I get it to use a possible 2 word username?

By using the proper syntax; when you give SQL a string value, it must be surrounded by quotes - just like PHP. When you use numeric values, don't use quotes - just like PHP.

lukeurtnowski

changed the sql statement to

	SELECT userid, filename, username
	FROM photoplog_fileuploads
	WHERE moderate = 0
	AND username = ".$Name."
	ORDER BY RAND()
	LIMIT 5

http://www.lvasp.com/provider_page.php?ID=8

bradgrafelman

You didn't surround the string in quotes... you just changed which string delimiter you're using in the PHP code. You actually need quotes within the string.

Sxooter

your select needs to wind up looking something like this:

SELECT userid, filename, username
    FROM photoplog_fileuploads
    WHERE moderate = 0
    AND username = 'Mary Ann'
    ORDER BY RAND()
    LIMIT 5

Which is why I asked you what the query looked like when you printed it out. Because I don't know what the rest of your code looks like, it could have been that the variable had single quote in it, or not.

Piranha

And don't use ORDER BY RAND. Look at this thread to see why and how you can change it.

Sxooter

Well, given that he's limiting the set by username, which I'd assume is unique, i'm not even sure why the order by rand() is in there.

but for small datasets order by rand() is fine. Just not for entire tables.