SQL syntax error in php for login form

Asked Feb 01 '18 at 13:44

Active Feb 01 '18 at 13:45

Viewed 29 times

I am just trying to run a simple line of SQL in php but for some reason it does not work and just returns that I have a syntax error.
$query = "SELECT * FROM 'Catalogue' WHERE 'username' = '$u_n' AND 'password' = '$psw' ;";
and when I try to run it I get this

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Catalogue' WHERE 'username' = 'konsskou' AND 'password' = '1234'' at line 1

where konsskou is the username I entered and 1234 the respective password. What could I be missing and made me struggle so much?

edited Feb 01 '18 at 13:45

John Conde

217,595
99
455
496

asked Feb 01 '18 at 13:44

user3697365

@F0XS You're missing the quotes around the variables. Though using prepared statements and parameter binding really is better to prevent SQL injection and quoting issues. – aynber Feb 01 '18 at 13:52
`$query = "SELECT * FROM Catalogue WHERE username = '".$u_n."' AND password = '".$psw."' ;";` My bad, thanks @aynber – F0XS Feb 01 '18 at 13:57

SQL syntax error in php for login form

0 Answers0