PHP Error in MySQL Syntax

Here's the function I created:

function get_phurl_option($option) {
$db_result = mysql_query("SELECT value FROM ".DB_PREFIX."options WHERE option = '$option'") or db_die(__FILE__, __LINE__, mysql_error());
$db_row = mysql_fetch_row($db_result);
return $db_row[0];
}

However, upon visiting a page that uses the function, I get the following error:

File: /usr/home/<removed>/includes/functions.php
Line: 28
Message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'option = 'shortcode_type'' at line 1

I'm not sure why this would be, I've tried apostrophes, speech marks, and backticks, neither of which seem to work. I can't figure out the problem here, so any help would be much appreciated.

• Escape your variables correctly, it will save you lots of errors and nerves.

  F.P

  – F.P

  2012年05月29日 09:13:06 +00:00

  Commented May 29, 2012 at 9:13
• What does $option look like? The query itself looks fine, assuming DB_PREFIX is set

  Ahatius

  – Ahatius

  2012年05月29日 09:14:11 +00:00

  Commented May 29, 2012 at 9:14
• 2
  Echo out the final query before executing it... That will allow you to see exactly where the problem is...

  Lix

  – Lix

  2012年05月29日 09:14:22 +00:00

  Commented May 29, 2012 at 9:14
• 2
  Please don't use mysql_* functions in new code. They were removed from PHP 7.0.0 in 2015. Instead, use prepared statements via PDO or MySQLi. See Why shouldn't I use mysql_* functions in PHP? for more information.

  tereško

  – tereško

  2012年05月29日 09:16:45 +00:00

  Commented May 29, 2012 at 9:16

2 Answers 2

Start asking to get answers

Find the answer to your question by asking.

Explore related questions

See similar questions with these tags.