I work on a PHP file, and I want with one variable($time) to FIND a column on my database and print the content of the "$time" column, but I can't find the right syntax. In the end, it prints the $_GET['time'] I have passed and not the content of the column. Here is my code:
$id = $_GET['id'];
$time = $_GET['time'];
$query1 = "SELECT "."'$time'"."FROM uploads
WHERE station_id="."'$id'";
$result =mysqli_query($conn,$query1) or die(mysql_error());
$row = mysqli_fetch_array($result, MYSQLI_ASSOC) or die(mysql_error());
echo json_encode($row);
Any help or though???
First of all, your query is horrible and incredibly vulnerable to injection. You need to rethink your dB design.
But to answer your question, it's probably because the way you're putting the variable in the statement. Instead of:
$query1 = "SELECT "."'$time'"."FROM uploads WHERE station_id="."'$id'";
Change it to:
$query1 = "SELECT ". $time ."FROM uploads WHERE station_id=".$id;
Please rethink your database design as you have a Huge vulnerability