Im trying to order By "ItemLevel" in shops in a game I'm currently developing. it should be correct as because this code
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT)
Displays no errors. Heres the ORDER BY ItemLevel line.
$item = mysql_query("SELECT * FROM knightG_{$shop["ItemCategory"]}s WHERE
ItemId='{$shop["ItemId"]}' ORDER BY ItemLevel ASC") or die (mysql_error());
I can give anyone more information if requested. Thanks.
It should be
$item = mysql_query("SELECT * FROM knightG_{$shop['ItemCategory']}s WHERE
ItemId='{$shop['ItemId']}' ORDER BY ItemLevel ASC") or die (mysql_error());
instead. Inside of double string variable interpolation you must obmit the quotes around array indexes.
This is not valid if using braces surrounding arrays within strings allows constants, so you've got to use single quotes in your case. It may seem odd, but it's valid.
Better would be to move from the deprecated mysql_* functions to PDO or mysqli and use prepared statements with placeholders to bind inut values to. This will not take care of the problem of input parameters in identifiers for the names of columns or tables (the first input substitution here).
$sql = "SELECT * FROM knightG_{$shop['ItemCategory']}s";
$sql.= " WHERE ItemId='".$shop["ItemId"]."'";
$sql.= " ORDER BY ItemLevel ASC";
$item = mysql_query($sql) or die (mysql_error());
You should make sure though that your variables are safe from mysql injections.
Also I would advice to use PDO instead of the mysql extension. It is deprecated.