$myvalue = $RAD_REQUEST{'Calling-Station-Id'}; # Print it or check in some other way
$myquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE callerid='" . $myvalue . "'),'y','n')"; # Now print or check in some other way the query to see if it is joined well $yourquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')"; # And print or check in some other way this to see why it doesn't work $status = $db->Mysql::query($myquery); Ivan Kalik Kalik Informatika ISP Dana 10/4/2008, "rsg" <[EMAIL PROTECTED]> piše: >Hi, > >I attempted setting it to a local variable as well. > >Result was the same. > >Thanks so much for your suggestions & guidance. It's really appreciated. > > > >On Thu, Apr 10, 2008 at 1:02 PM, <[EMAIL PROTECTED]> wrote: >> Hi, >> >> >> > My next query is when I tried to retrieve the CallerId from a Mysql DB >> > using the same perl script with, >> > >> > --------- >> > use Mysql; >> > : >> > : >> > $status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM >> > auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')"); >> >> your escape characters are wrong >> >> $RAD_REQUEST{\'Calling-Station-Id\'} >> >> personally, i would set the value into a local variable and do some >> sanity checking to ensure it'll not screw up the SQL... a nasty >> person could do something trivial like set their Calling station id >> to "'; drop all from users" :-) >> >> alan >> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/usershtml >> >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html