This question already has answers here:
Multiple mysql INSERT statements in one query php [duplicate]
(8 answers)
Closed 3 years ago.
I'm trying to insert multiple data in one table, however I got an error that says:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INSERT INTO author (firstname, lastname) VALUES ('Rasmus', 'Lerdorf')INSERT INT' at line 1
Here's the method:
$sql = "INSERT INTO author (firstname, lastname) VALUES ('Roal', 'Dahl')";
$sql .= "INSERT INTO author (firstname, lastname) VALUES ('Rasmus', 'Lerdorf')";
$sql .= "INSERT INTO author (firstname, lastname) VALUES ('Jane', 'Doe')";
Do I need to create a for loop for this? How could this work?
You can do this :
$sql = INSERT INTO author ( firstname, lastname) VALUES ('Roal', 'Dahl'), ('Rasmus', 'Lerdorf'), ('Jane', 'Doe');
Generally, mysqli and PDO cannot execute multiple statements in a single query. There are alternatives like mysqli_multi_query, but that is not really what you need.
Your query can have multiple rows added by appending extra sections after VALUES like so:
$sql = "INSERT INTO author (firstname, lastname) VALUES ";
$sql .= "('Roal', 'Dahl'), ('Rasmus', 'Lerdorf'), ('Jane', 'Doe')";
You can use two options:
mysqli_multi_query
$sql = "INSERT INTO author (firstname, lastname) VALUES ('Roal', 'Dahl');";
$sql .= "INSERT INTO author (firstname, lastname) VALUES ('Rasmus', 'Lerdorf');";
$sql .= "INSERT INTO author (firstname, lastname) VALUES ('Jane', 'Doe');";
if(!$mysqli->multi_query($sql)){
echo 'Error query:'. $mysqli->error . '.';
}else{
//do any operation
}
Or use one query like:
$sql = INSERT INTO author ( firstname, lastname) VALUES ('Roal', 'Dahl'), ('Rasmus', 'Lerdorf'), ('Jane', 'Doe');
if(!$mysqli->query($sql)){
echo 'Error query:'. $mysqli->error . '.';
}else{
//do any operation
}
Change $mysqli with your connection
Related
This question already has answers here:
Why can't I run two mysqli queries? The second one fails [duplicate]
(2 answers)
Closed 5 years ago.
I have a very specific problem and nothing I could find online was able to tell me where my error was.
I want to pass two mysql queries at once. Separately, they work perfectly but together they fail. I've tries JOIN, adding ; and the multi_queries method. Everything fails.
Now I am stuck with this code:
// data insertion
$sql = "INSERT INTO comments (id, name, email, comment, article_id, date) VALUES ('$id', '$name', '$email', '$comment', '$article_id', '$date')";
$sql.= "DELETE FROM comments_validation WHERE id = $id";
if ($conn->multi_query($sql) === TRUE) {
header('Location: http://url.com/index.php?success');
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
And the error:
Error: INSERT INTO comments (id, name, email, comment, article_id, date) VALUES ('some values')DELETE FROM comments_validation WHERE id = 'some other value'
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DELETE FROM comments_validation WHERE id = 'some other value' at line 1
Thanks in advance!
You have to add a ; at the end of this sql statement
$sql = "INSERT INTO comments (id, name, email, comment, article_id, date) VALUES ('$id', '$name', '$email', '$comment', '$article_id', '$date');";
^here
Please add semi-colon as string at the end of every query in multi query.
// data insertion
$sql = "INSERT INTO comments (id, name, email, comment, article_id, date) VALUES ('$id', '$name', '$email', '$comment', '$article_id', '$date');";
$sql.= "DELETE FROM comments_validation WHERE id = $id";
if ($conn->multi_query($sql) === TRUE) {
header('Location: http://url.com/index.php?success');
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
I'm inserting data into members table, after I've inserted it I want to get the userID of the information just inserted. Whats the best way about doing this ?
My php code
//Insert info into database
$sql = "INSERT INTO members (type, firstname, lastname, email, password, bio) VALUES ('$usertype', '$firstname', '$lastname', '$emailsighup', '$passwordsighnup', '$bio')";
//Run a query to check if data has been inserted correctly.
$records = mysqli_query($connect, $sql);
I did try this SQL but was getting errors
$sql = "INSERT INTO members (type, firstname, lastname, email, password, bio) VALUES ('$usertype', '$firstname', '$lastname', '$emailsighup', '$passwordsighnup', '$bio')"; SELECT SCOPE_IDENTITY(userID);
Assuming $connect as the variable holding your connection information, which seems legit, you can get the value of the last id with:
$user_id = mysqli_insert_id($connect);
This is something you can do from the PHP MySQLi interface, rather than directly from SQL!
Okay, so I'm updating my site from MySQL to MySQLi, which means I have to re-code some of the database stuff.
I looked on php.net on how to use MySQLi queries to insert data into a table and did exactly what they said to, but no luck.
Here's my connection variable:
$con = mysqli_connect("localhost", "username", "password", "database");
And here is the code to insert the data:
mysqli_query($con, "INSERT INTO users ('user', 'pass', 'email') VALUES ('$user', '$pass', '$email')");
It doesn't reply with any errors, and it just takes me to the intended landing page. It doesn't actually add the data to the table though.
Any ideas?
As answered above, removing the quotes from the column names will solve your problem:
mysqli_query($con, "INSERT INTO users (user, pass, email) VALUES ('$user', '$pass', '$email')");
But I also noted that your script is vulnerable against SQL injection attacks.
In MySQLi you can prepare your statements before execution, so you will be sure that no one will inject SQL commands in your database.
If you don't want to prepare each sql statements before execution, at least use the mysqli_real_escape_string function, that will protect your system against SQL injection too. Use like that:
mysqli_query($con, "INSERT INTO users (user, pass, email) VALUES ('" . mysqli_real_escape_string($user) . "', '" . mysqli_real_escape_string($pass) . "', '" . mysqli_real_escape_string($email) . "')");
remove single quotes from column names
mysqli_query($con, "INSERT INTO users (user, pass, email) VALUES ('$user', '$pass', '$email')");
OR
mysqli_query($con, "INSERT INTO users (`user`, `pass`, `email`) VALUES ('$user', '$pass', '$email')");
I am trying to do multiple insertions using mysqli_multi_query() and following is my code. The issue is its not executing the result . Kindly let me know what i did wrong?
$query = "INSERT INTO crap_table (name, number, class)VALUES ('Peter', 35,'BS')";
$query .= "INSERT INTO crap_table (name, number, class)VALUES ('Sahil', 35,'MS')";
mysqli_multi_query($con,$query);
mysqli_multi_query
Executes one or multiple queries which are concatenated by a semicolon.
You need to have a ; between them. Like
$query = "INSERT INTO crap_table (name, number, class)VALUES ('Peter', 35,'BS');";
^
$query .= "INSERT INTO crap_table (name, number, class)VALUES ('Sahil', 35,'MS')";
Provided that you are connected to the database already? Like
$con= mysqli_connect("localhost", "my_user", "my_password", "world");
$query = "INSERT INTO crap_table (name, number, class)VALUES ('Peter', 35,'BS');";
$query .= "INSERT INTO crap_table (name, number, class)VALUES ('Sahil', 35,'MS')";
mysqli_multi_query($con,$query);
You forgot ; between your queries.
Executes one or multiple queries which are concatenated by a
semicolon.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and email) VALUES ('','','')' at line 1
i am now getting this error for specifically this line:
$sql= "INSERT INTO tbl_member (username, password and email) VALUES ('$username','$password','$email')";
It should be:
$sql= "INSERT INTO tbl_member (username, password, email) VALUES ('$username','$password','$email')";
First of all, you don't use the 'AND' keyword like that.
$sql = "INSERT INTO tbl_member (username, password, email) VALUES ('$user','$pass','$mail')";
Secondly, the error message indicates that at the time the query is run the 3 variables, $user, $pass and £mail are empty.
What are the names of your columns? if it's really "password and email", you should use backticks surronding them:
$sql= "INSERT INTO tbl_member (`username`, `password and email`) VALUES ('$username','$password','$email')";
otherwise use #Shivan-Raptor 's sollution?