include array in sql statement

Discussion in 'PHP' started by steyr, Jun 18, 2007.

0
  1. #1
    Hy!

    I am new to PHP and and have following question:
    I have written a form where the user is able to select some columns of a database table. This selection is done using an array. Now I want to include this array into a SQL SELECT statement. I have tried the following- but without any positive result. In the manuals I use I can not really find an answer to that.


    
$array = $_REQUEST['selection'];
if ($c = @oci_connect("user","pw","xe"))
  {
    $s = oci_parse($c,"SELECT   
                       $array  
                       FROM resources
                     ");

    oci_execute($s,OCI_DEFAULT);
    Code (markup):
    Thanks for help!
     
    steyr, Jun 18, 2007 IP
  2. nico_swd

    nico_swd Prominent Member

    Messages:
    4,153
    Likes Received:
    344
    Best Answers:
    18
    Trophy Points:
    375
    #2
    Try:
    
"SELECT
" . implode(', ', $array) ."
FROM resources
"
    PHP:
    You really should filter and validate the input before putting it in the query though.
     
    nico_swd, Jun 18, 2007 IP
  3. GeorgeB.

    GeorgeB. Notable Member

    Messages:
    5,695
    Likes Received:
    288
    Best Answers:
    0
    Trophy Points:
    280
    #3
    Little less complex. Just implode the array before adding it to the query.

    $array = $_REQUEST['selection'];
$array = implode(', ', $array);


if ($c = @oci_connect("user","pw","xe"))
  {
    $s = oci_parse($c,"SELECT   
                       $array  
                       FROM resources
                     ");

    oci_execute($s,OCI_DEFAULT);
    PHP:
     
    GeorgeB., Jun 18, 2007 IP
  4. steyr

    steyr Guest

    Messages:
    27
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Hy!

    Thanks a lot for your help! It works fine! Thank you!

    best regards

    steyr
     
    steyr, Jun 19, 2007 IP