okay new pdo statements unsure if have done syntax error or whatnot. php file not show errors:
<?php include('db_config.php'); $itemname = 'item1'; $sql = "select * order itemname = $itemname;"; $stmt = $conn->prepare($sql); $stmt->execute(); while ($row = $stmt->fetch(pdo::fetch_assoc)) { echo $row['itemname']; } ?> my objective pull item using bootstraps datepicker, purpose of testing using itemname. php file comes blank?
i have checked field names, db_config, , unsure issue coming from.
please let me know if have done error in statement or seems wrong.
firstly, you're using mysql reserved word, being order , requires special attention; using ticks around it.
then since we're dealing string, $itemname needs wrapped in quotes.
<?php include('db_config.php'); $itemname = 'item1'; $sql = "select * `order` itemname = '$itemname';"; $stmt = $conn->prepare($sql); $stmt->execute(); while ($row = $stmt->fetch(pdo::fetch_assoc)) { echo $row['itemname']; } ?> - either use ticks around table name, or rename "orders", it's not reserved keyword.
"the php file not show errors:"
that's because you're not checking them.
add $conn->setattribute(pdo::attr_errmode, pdo::errmode_exception); right after connection opened.
- now, if you're going use pdo, use pdo prepared statements, they're safer.
as per comment left under question containing mysql error:
1064 have error in sql syntax; check manual corresponds mysql server version right syntax use near 'order
- read
near 'orderstarts @ "order".
now, if ever query should ever contain character mysql complain about, such quote etc. need escape query , use prepared statements.
for example, if using:
$itemname = "timmy's sour dough"; would translate to
where itemname = 'timmy's sour dough' in turn throwing syntax error.
so, it's best escape data right away.
edit
your use of prepare , new pdo collectively suggest trying use prepared statements, not right way. you're little off prepared statement. 1 correct way in code be
$sql = "select * `order` itemname = ? "; $stmt = $conn->prepare($sql); $stmt->execute(array($itemname)); notice how have ? in query sending value in execute call. there go :)
- using pdo prepared statements take care of that.
