I'm trying to turn this:
"SELECT username FROM $table WHERE username='$newName'"
Into this:
"SELECT $column FROM $table WHERE $column='$newName'"
But when I use or die() on it, I get an error saying that there is incorrect syntax near WHERE username='someNameHere'. What is the correct way to substitute the column name, assuming that's what's wrong?
Edit: Code is just this. The values should be correct as I don't see any mispellings in the error.
$sql = "SELECT $column FROM $table WHERE $column='$newName'";
$result = mysql_query($sql) or die( mysql_error());
解决方案
Make your query like this
$sql = "SELECT ".$column." FROM ".$table." WHERE ".$column."='".$newName."'"
BTW this is SQLinjection vulnerable code. You should check the variables before using them in query. Also you should start using mysqli and prepared statements