Hello guys this is my SQL query:
SELECT *
FROM path JOIN (
SELECT * FROM invoice WHERE client_Id='$_SESSION[user]'
) ON INVOICE.path_Id=PATH.Id
I want to join two tables in the first table must have client_Id=$_SESSION[user]. The two tables must be joined on path_Id. Please help me writing this query in right way. Thank you
Try this query
SELECT *
FROM `PATH` JOIN `INVOICE`
ON `INVOICE`.`path_Id`=`PATH`.`Id`
WHERE `INVOICE`.`client_Id`='$_SESSION[user]'
There are so many things wrong in that line of code:
Saintize user input. By inserting a $_SESSION variable directly into a SQL query, you're introducing SQL Injection vulnerabilities, along with XSS and CSRF vulnerabilities. People can, and will do nasty things to your application if given a chance.
Never, ever select more data than you need to. Do you really need all columns from both tables?
Why two selects? A SELECT * FROM Path p JOIN Invoice i ON i.path_id = p.id WHERE i.client_id = 1 LIMIT 1 will do the job.