Retrieving based on select values

andyj_84

Hi,

I know I'm missing something simple but just can't see it. I have a form with 2 select lists (holtype and holperiod). I'm trying to retrieve my values from my database based on these two values but it doesn't return anything.

Here is my PHP code.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
$period=$_POST["holperiod"];
$type=$_POST["holtype"];
?>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<center>
<?
include("admin/connect.php");
$sql = 'SELECT * FROM `prices` WHERE break_period=$period and break_type=$type';
$rs=mysql_query($sql);

while ($row=mysql_fetch_array($rs))
{
echo '<p align="center"><table border="1">';
echo '<tr>';
echo '<th><font face="Arial">Date</font></th>';
echo '<th><font face="Arial">Price</th>';
echo '</tr>';
echo '<tr>';
echo '<td><font face="Arial">';
echo $row["break_date"].' '.$row["break_period"];
echo '</font></td>';
echo '<td><font face="Arial">';
echo $row["break_price"];
echo '</font></td>';
echo '</tr>';
echo '</table></p>';
}
?>
</center>
</body>
</html>

Andrew

bradgrafelman

You should be checking to see if [man]mysql_query/man returns boolean FALSE (indicating an error has occurred) and, if so, outputting and/or logging (as desired) the error message returned by the MySQL server (see [man]mysql_error/man - also note it's often useful to output/log the SQL query itself as well).

In your case, the error is being caused by the fact that all strings must be delimited with quotes (which you have omitted).

Also, note that user-supplied data should never be placed directly into a SQL query string else your code will be vulnerable to SQL injection attacks and/or just plain SQL errors. Instead, you must first sanitize it with a function such as [man]mysql_real_escape_string/man.