PHP sql sort throws out error

The block of code below causes a problem to my database even though it works. Any Idea what could be causing the problem?. Please help me out

$oderBy = $_POST["sortBy"];

$sql2 = "SELECT *
FROM my_boys234
ORDER BY $oderBy ASC";

It shows the error code below.
$result->num_rows is

I have a feeling that error message is incomplete :wink:

And could you do an echo if $sql2 and see what the complete query looks like?

You might have an invalid field name coming from $_POST['sortBy'] , you should validate the value being submitted by the user for $_POST['sortBy'] and use a prepared statement for the query otherwise you risk an SQL Injection attack.

Also do you really need all the fields from the my_boys234 table? If you don’t, just list the required fields only in the SELECT clause

Hard to say without more code - show us the part that executes the query and gets that result code. My guess is you mean that num_rows is coming back blank.

A line like that in any PHP script is a clear indication that validation has been left out. That code should only ever appear in lessons teaching you how to code AFTER how to validate properly has been taught with it clearly labelled as a shortcut so that the lesson can concentrate on what it is teaching rather than having 3/4 of the code being the validation (which is about the ratio you’d find in any significant program).

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.