Php: fetching data by date

data base query not returning any error and any data
query works when I use it in phpmyadmin maunally


if(!empty($_POST['date'])){
         $sql = "select * from hotel where datex=".$_POST["date"];
         echo $sql;
      $query=mysqli_query($conn,$sql);
      if(!$query){
        echo "query does not work";
      }
      else{
      while($data=mysqli_fetch_array($query)){
         //showing data
     }
      }
      else{  
          //some code
     }

db table
SharedScreenshot

Does this first log run?

Hello @Advitya-sharma I’m not really acquainted with mysqli I have usually prefered PDO but I think the error is that the sql string results in something like this:

Let’s say $date = ‘2020-10-13’;

then $sql = “select * from hotel where datex=2020-10-13”;

So I think the column datex needs an escaped string or in single quotes as such
$sql = “select * from hotel where datex=‘2020-10-13’”;

Not sure this will solve your problem but has happened to me before so I hope it helps.

@palmaone @miku86 I solved it using

$sql = "select * from hotel where datex='".$_POST["date"]."'";

do you know why it works because the previous value was also string

1 Like

yeah, is because the sql engine evaluates each passed parameter’s data type and not the whole statement on its own. So example: datex=2020-10-13 fails because is looking for an string input for dates or datetime and is getting an invalid data type.

But when it gets datex='2020-10-13' then it actually recieves a string which is the valid data type for dates.

So since we are already whitin a string in $sql="select * form hotel where ...etc" we need to use either single quotes to represent a string whitin a string or scape the double quotes $sql="select * form hotel where datex=\"2020-10-13\""

I prefer using the single quotes since escaping characters can be more confusing. I think it helps to think about it as if the first/outer/parent string is a string in the context of PHP but in the context of SQL the data types that matter are the ones passed to each parameter for the query.

Unfortunately some of this erros are not thrown by the engine and fail silently.

1 Like