With single quotes variables won't be handled. Use double quotes for that. And if you use single quotes for the string, use double quotes for the values (or vice verce). If you use the same you are going to get into trouble.

But why not try [man]sprintf[/man], it makes queries easier.

Piranha,

Not sure i follow you toally,

I assume you mean something like this

$query = mysql_query('SELECT  $_SESSION[user_id] , AES_DECRYPT(description,"$_SESSION[cipher_key]")) FROM example WHERE ( $_SESSION[user_id]="$_SESSION[user_id]");

Sorry like i said i am a total noob

To understand it better try the following:

$test = "variable";
echo 'this is a $test';
echo "this is another $test";

When you understand what to use do a simple test with quotes in the echo as well.

Try putting the query in double quotes...ie:
$query = "SELECT whatever yadda yadda WHERE somefield='$PHP_variable' ";

okay, first your query is breaking paranthesis and ending the mysql query command early

$query = mysql_query
	(
		'SELECT  $_SESSION[user_id] , AES_DECRYPT
		(
		description,"$_SESSION[cipher_key]"
		)
	) 
	FROM example WHERE 
	( 
	$_SESSION[user_id]="$_SESSION[user_id]"
	');

it should read

$query = mysql_query
(
		'SELECT  $_SESSION[user_id] , AES_DECRYPT
		(
		description,"$_SESSION[cipher_key]"
		)

FROM example WHERE 
( 
$_SESSION[user_id]="$_SESSION[user_id]"
)
); 

Or inline
$query = mysql_query('SELECT  $_SESSION[user_id] , AES_DECRYPT(description,"$_SESSION[cipher_key]")	FROM example WHERE($_SESSION[user_id]="$_SESSION[user_id]"));


your first query will produce a fail error

next, can you copy/paste what the actual sql in the end looks like after all the variable substitutions are done
meaning after rewrite $query to leave out the mysql_query

$query = 'SELECT  $_SESSION[user_id] , AES_DECRYPT(description,"$_SESSION[cipher_key]")	FROM example WHERE($_SESSION[user_id]="$_SESSION[user_id]");

and do echo $query; and give us the result

from what I gathered it shoudl look liek this
lets say $SESSION[user_id]="test"

$query = 'SELECT  test , AES_DECRYPT(description,"$_SESSION[cipher_key]")	FROM example WHERE(test=test);

so if your database example has a field named test and your looking for rows with value of test in it your query would work, and return the columns test with your AES_DECRYPT value

otherwise, in typical queries, we gather the same information and only change elements such as the where clause, for example using your query

$query = 'SELECT column1 , AES_DECRYPT(description,"'.$SESSION[cipher_key].'") FROM example WHERE column1='.$SESSION[user_id].' ;

rulian,

Thank you very much for your response, I am pretty sure i am following what you are saying but i dont have a chance to try it till tommorow.

If you are asking what my sql syntax looks like outside php

Here it is

select uniqueid,dept,shared,AES_DECRYPT(link,'variable'),AES_DECRYPT(description,'variable'),AES_DECRYPT(userid,'variable'),AES_DECRYPT(password,'variable') from table WHERE (uniqueid='variable' AND dept='example' AND shared='1');

'Variable' would be unique to each user logging in and would to be gathered and passed from the authorization table,

Which currently contains there uniqueid and cipherkey

Both those vaules must be passed to this query

As for the dept and shared section they mean realativly nothing at this point they are simply there to seperate certin data elements