I need to "echo" something in a SQL query.
I noticed this does not work:
$usernames = echo htmlentities($_SESSION['user']['username'], ENT_QUOTES, 'UTF-8');
$file = $_GET['file'];
$sql="INSERT INTO bekeken(username, filename)VALUES(".$usernames.", '".$fileloc."')";
$result=mysql_query($sql);
The echo thingy works perfect, it echoes the username how it should.
But now i want to insert that username in the database together with a filename that is received with a PHP GET.
I guess i am doing a lot wrong, but i dont see it.
Thanks in advance!
Mark
FullCode:
mysql_connect("localhost", "movidz", "password!") or die(mysql_error());
mysql_select_db("movidz") or die(mysql_error());
$file = $_GET['file'];
$sql_scale = "SELECT * FROM films WHERE filename = '".$file."'";
$result_scale = mysql_query($sql_scale)or die(mysql_error());
while($row = mysql_fetch_array($result_scale)){$titel=$row['titel'];}
echo "<div class='player_filmtitel_div'><h1 class='player_filmtitel'>".$titel."</h1></div>";
You are inserting $fileloc but you are defining $file.
$usernames = echo htmlentities($_SESSION['user']['username'], ENT_QUOTES, 'UTF-8');
$fileloc = $_GET['file']; // changed $file to $fileloc
$sql="INSERT INTO bekeken(username, filename)VALUES(".$usernames.", '".$fileloc."')";
$result=mysql_query($sql);
As is, you're setting a variable equal to echo htmlentities(...). There is no need to echo it because htmlentities() already returns a string. You can echo it afterwards if desired. echo is only used to display what is echoed in plain html. So your code should look something like this:
$usernames = htmlentities($_SESSION['user']['username'], ENT_QUOTES, 'UTF-8');
$file = $_GET['file'];
$sql="INSERT INTO bekeken(username, filename) VALUES('{$usernames}', '{$file}')";
$result=mysqli_query($connection, $sql);
Your quotations were way off, in addition to using an undefined $fileloc. Also, I would suggest using mysqli_