0
Does anyone know if it is possible for me to do a database search using a variable like the name of where to search in the database, like how it follows:
$consulta = mysqli_query($link, "SELECT * FROM alunos WHERE $turma = '$grupo'");
Where the variable $turma would be defined by the user.
What will contain in the variable
$turma? Is the name of the column in the table ?– NoobSaibot
@wmsouza yes, in the variable
$turmawould be the column name in the table!– Arthur Oliveira
Apart from the huge security problem, is having some problem?
– Maniero
Your code seems to work, I don’t understand your question.
– Francisco
@Maniero I was having a problem yes, but it was the position of my form, reviewing the code I saw this error of mine, now it worked. I am new to SQL, this is the way I learned in the course, you would indicate me some material or video class to learn better about this security issue and make the site safer?
– Arthur Oliveira
@Francisco It was a problem with the FORM, then the code was not running, and as I didn’t realize it was in the consultation, thank you!
– Arthur Oliveira
If you want a course indication suggest this to no longer use the
mysqli: https://www.youtube.com/watch?v=etRFu_eJ3vU&list=PLbXvLovKLUIkE78UNFE8UpfOtoDlrpQec– Laércio Lopes
@Laérciolopes thank you very much, I will research on PDO, I had heard about, but I have not yet had to dig deeper, I will do this!
– Arthur Oliveira
There’s video lessons on the Youtube link I posted
– Laércio Lopes
Yes, I will use them, they seem to be very good, thank you very much!
– Arthur Oliveira