current community

your communities

more stack exchange communities

Stack Exchange
tour help
stack overflow careers
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite

I have tried several things but I can't get the MySQL query in my php code to work. Note that the query DOES WORK when I hard-code the variable $lastmsg which is an integer.

The code works in two instances:

  1. When the page loads, the query runs, ignoring $pagination because $lastmsg is not set.
  2. A button sends a value for lastmsg to this page, which runs the code again, this time looking at $pagination because lastmsg is set.

Again, the query DOES WORK. The proof being that it runs perfectly fine in the first instance and returns properly when the variables are hard coded. Firebugs reports that lastmsg is being sent by post.

The problem is that the query isn't receiving the value for $lastmsg (I get no values returned). I know this is because $lastmsg is sitting inside $pagination.

P.S. I am aware it needs injection protection... I'm just trying to get this to work:

if(isset($_POST['lastmsg']) &&is_numeric($_POST['lastmsg'])){
    $lastmsg = $_POST['lastmsg'];
    $pagination = 'AND $wpdb->posts.ID < ".$lastmsg."';
} else {
    $pagination = '';
}

$pageposts = $wpdb->get_results($wpdb->prepare("
    SELECT * FROM $wpdb->posts
    LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id)
    LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id)
    WHERE $wpdb->posts.post_status = 'publish' 
    AND $wpdb->posts.post_type = 'post' 
    AND $wpdb->posts.post_date < NOW()+INTERVAL 1 DAY 
    AND $wpdb->term_taxonomy.taxonomy = 'category' 
    AND $wpdb->term_taxonomy.term_id IN(3)
    ".$pagination."
    ORDER BY $wpdb->posts.post_date DESC
    LIMIT 10
    "), OBJECT);

The following DOES NOT work

$pagination = 'AND $wpdb->posts.ID < ';
$pageposts = $wpdb->get_results($wpdb->prepare("
    SELECT * FROM $wpdb->posts
    LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id)
    LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id)
    WHERE $wpdb->posts.post_status = 'publish' 
    AND $wpdb->posts.post_type = 'post' 
    AND $wpdb->posts.post_date < NOW()+INTERVAL 1 DAY 
    AND $wpdb->term_taxonomy.taxonomy = 'category' 
    AND $wpdb->term_taxonomy.term_id IN(3)
    ".$pagination."
    ".$lastmsg."
    ORDER BY $wpdb->posts.post_date DESC
    LIMIT 10
    "), OBJECT);

Any solutions?

share|improve this question

2 Answers 2

up vote 2 down vote accepted

This is not the string you're looking for:

$pagination = 'AND $wpdb->posts.ID < ".$lastmsg."';

That will leave a literal AND $wpdb->posts.ID < ".$lastmsg." inside $pagination and that string won't do anything useful when you hand it to MySQL.

You want double quotes on the outside (for interpolation) and no single quotes at all:

$pagination = "AND $wpdb->posts.ID < $lastmsg";

Or, if $lastmsg is a string rather than a number:

$pagination = "AND $wpdb->posts.ID < '$lastmsg'";

That should get your first version working.

Now go forth and add all your mysql_real_escape_string calls.

share|improve this answer
up vote 2 down vote

PHP parser will ignore the lines quoted with single quotes('') as if they are normal strings. You can force PHP parser to parse the strings too by enclosing them inside double quotes ("").

In your case $pagination goes like this

$pagination = 'AND $wpdb->posts.ID < ".$lastmsg."';

Outer quotes are single quotes so it will be ignored by PHP and $wpdb->posts.ID and even $lastmsg will be considered as simple strings, they wont get their PHP values.
just change your string to 

$pagination = "AND $wpdb->posts.ID < '$lastmsg'";

again if $lastmsg is numeric you don't need inner quotes

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.