0

I wrote this code:

    <?php
    $con = mysqli_connect('localhost', 'root', '');
    if(!$con)
    {
        die("not ok");
    }

    mysqli_select_db($con,"uoh");  

    $q = " SELECT * FROM student WHERE id = 201102887" ;
    $result = mysqli_query($con , $q ) ;
    if($row = mysqli_fetch_array($result))
    {
       echo "<h3> compliance for for " . $row["name"];
       echo " and the major is ".$row["major"];
       echo "</h3>";
    }

    $major=$row["major"];

    $con = mysqli_connect('localhost', 'root', '');
    if(!$con)
    {
        die("not ok");
    }

    mysqli_select_db($con,"uoh");  
    $q = "SELECT * FROM courses LEFT JOIN equal ON equal.course_number= 
    courses.course_number LEFT JOIN degree_plan ON degree_plan.course_number=
     courses.course_number LEFT JOIN student_record ON courses.course_number= 
     student_record.course_number AND student_record.id=201102887 AND degree_plan.major=".$major;
    ?>

The code works fine but does not give me a result.

I think the problem is in `degree_plan.major=".$major;` because the query does not give me a result.

Can you solve it?

Peter David Carter
Maikel
  • 2
    Where do you run the last query? – JimL Apr 12 '16 at 18:44
  • 2
    $q is just defined as a string with the query. You don't actually run it. – Oldskool Apr 12 '16 at 18:44
  • I checked the last query in phpMyAdmin and it works fine, but when I add `.$major` it does not give me an answer – Maikel Apr 12 '16 at 18:46
  • There's no need to connect to the database twice unless you're closing each connection prior to running an additional query. – mferly Apr 12 '16 at 18:48
  • (1) You don't get any results because you never actually execute the query. (2) You have a SQL injection vulnerability. Use prepared statements with query parameters instead of just concatenating values like that. – David Apr 12 '16 at 18:50
  • Possible duplicate of [How to display errors for my mysqli query](http://stackoverflow.com/questions/17053466/how-to-display-errors-for-my-mysqli-query) – Mike Apr 12 '16 at 18:50
  • @david There is no SQL injection risk at all – Fabio Apr 12 '16 at 18:51
  • @Fabio: Well, technically there isn't *yet* because he's not actually executing the query. But once he *does* execute the query, that concatenation at the very end is an injection vulnerability. – David Apr 12 '16 at 18:52
  • @david How would you inject it? His variable comes from the script – Fabio Apr 12 '16 at 18:53
  • 3
    @Fabio: The variable comes from the database. And nothing here controls how that database is populated. Anything could be in that database, from any other source, including user input. SQL injection doesn't *have* to come from a `$_POST` or `$_GET`, it can come from any uncontrolled source of text. – David Apr 12 '16 at 18:54
  • @David I see, you are right! – Fabio Apr 12 '16 at 18:59

2 Answers

0

You are not executing your second query, just defining it as a string. After your second query you should place something like what you did for the first:

    $result2 = mysqli_query($con, $q);
    if ($row2 = mysqli_fetch_array($result2)) {
        // use $row2 here, as with $row from the first query
    }

As the major value looks like a string, you might need to surround it with quotes or your query will fail:

    AND degree_plan.major='".$major."'";
Fabio
0

You should format the query with quotes this way

    mysqli_select_db($con,"uoh");  
    $q = "SELECT * FROM courses LEFT JOIN equal ON equal.course_number= 
     courses.course_number LEFT JOIN degree_plan ON degree_plan.course_number=
     courses.course_number LEFT JOIN student_record ON courses.course_number= 
     student_record.course_number 
      AND student_record.id=201102887 AND degree_plan.major='".$major ."'";
ScaisEdge
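The approach David's comment recommends (prepared statements with bound parameters), as an added example that is not code from any of the posts above: it reuses one connection, actually executes the second query, and binds the `major` value read from the database instead of concatenating it. It assumes the `uoh` schema and the column names shown in the question, and a PHP build with mysqlnd (needed for `get_result()`).

```php
<?php
// Added example; assumes the `uoh` database and tables from the question.
// Make mysqli throw exceptions so a failing query is not silently ignored.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// One connection is enough for both queries.
$con = new mysqli('localhost', 'root', '', 'uoh');
$con->set_charset('utf8mb4');

$studentId = 201102887; // the id hard-coded in the question

// First query: look up the student's name and major.
$stmt = $con->prepare('SELECT name, major FROM student WHERE id = ?');
$stmt->bind_param('i', $studentId);
$stmt->execute();
$student = $stmt->get_result()->fetch_assoc();
$stmt->close();

if ($student === null) {
    exit('No such student');
}

// Encode database text before writing it into HTML.
echo '<h3>Compliance for ' . htmlspecialchars($student['name'])
   . ' and the major is ' . htmlspecialchars($student['major']) . '</h3>';

// The major was read from the database, so it is still untrusted text:
// bind it as a parameter rather than concatenating it into the SQL string.
$major = $student['major'];
$sql = 'SELECT courses.course_number
          FROM courses
          LEFT JOIN equal          ON equal.course_number = courses.course_number
          LEFT JOIN degree_plan    ON degree_plan.course_number = courses.course_number
          LEFT JOIN student_record ON courses.course_number = student_record.course_number
                                  AND student_record.id = ?
                                  AND degree_plan.major = ?';
$stmt = $con->prepare($sql);
$stmt->bind_param('is', $studentId, $major); // i = integer, s = string
$stmt->execute();                            // the step missing in the question
$result = $stmt->get_result();

while ($row = $result->fetch_assoc()) {
    echo htmlspecialchars($row['course_number']) . "<br>\n";
}
$stmt->close();
$con->close();
```

Because the value is bound with type `s`, no manual quoting around `$major` is needed, and a major containing a quote character cannot change the structure of the query.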