This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
How can I fix MySQL error #1064?
(3 answers)
Closed 4 years ago.
I created the following table:
CREATE TABLE contactos (
id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
nombre VARCHAR(60),
email VARCHAR(60),
password VARCHAR(60),
fecha TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
KEY(id)
) ENGINE=INNODB DEFAULT CHARSET=utf8;
But when I try to insert values into the table I get error #1064:
INSERT INTO contactos('ID', 'nombre', 'email', 'password', 'fecha') VALUES (NULL, 'Armando', 'armando_zax#hotmail.com', 'hola', NOW() );
I have researched a lot, but couldnĀ“t get what am I doing wrong.
Becouse you are use a wrong quotes
"INSERT INTO contactos(`ID`, `nombre`, `email`, `password`, `fecha`) VALUES ..."
When you are mean a field name - then you should use ` quote. When a string constant - use ' quote.
Related
This question already has answers here:
Creating a mysql table with a PHP variable
(5 answers)
Use a variable as table name when creating a table in mysql
(2 answers)
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Where do I need to use backticks or quotes in my MYSQL query?
(3 answers)
Can you create a table in mysql with dots in it?
(2 answers)
Closed 4 days ago.
I have array with dynamic data and i need to create mysql table with array row[5] name.
My code:
if(is_array($myarray)){
foreach ($myarray as $row) {
$val6 = mysqli_real_escape_string($db_conn, $row[5]);
$query ="CREATE TABLE $row[5] (
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
USERNAME VARCHAR(30) NOT NULL,
EMAIL VARCHAR(40) NOT NULL,
DISCOUNT VARCHAR(5),
PASSW CHAR(128),
ROLE VARCHAR(9))";
mysqli_query($db_conn, $query);
}
}
I try it but return error:
Fatal error: Uncaught mysqli_sql_exception: You have an error in your
SQL syntax; check the manual that corresponds to your MariaDB server
version for the right syntax to use near ''peter05' ( id INT(6)
UNSIGNED AUTO_INCREMENT PRIM...' at line 1
i need to create a MariaDB table into foreach cycle with the name equal to the value of $row[5].
some idea?
............................................................
You shouldn't use mysqli_real_escape_string() for identifiers. It is used only for string values (and in most cases, using query parameters are better than escaping anyway).
if(is_array($myarray)){
foreach ($myarray as $row) {
$tablename = str_replace("`", "``", $row[5])
$query ="CREATE TABLE `{$tablename}` (
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
USERNAME VARCHAR(30) NOT NULL,
EMAIL VARCHAR(40) NOT NULL,
DISCOUNT VARCHAR(5),
PASSW CHAR(128),
ROLE VARCHAR(9))";
mysqli_query($db_conn, $query);
}
}
This shows how to interpolate the tablename into your CREATE TABLE statement. This is necessary, because a tablename is not a string. You can't use string-escaping or parameters for an identifier like a tablename.
Putting backticks around the identifier is a good practice, because it could be an SQL reserved word, or contain special characters.
It is required, however, to be careful that the tablename doesn't contain a literal backtick character. In that case, change one backtick into two backticks.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 2 years ago.
i can't seem to figure it out why i'm getting this error i am using percona server for mysql 8 with sql mode set to sql_mode = "NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION"
this is the error i am getting whats sql error 0 ?
MySQL: Invalid Query:
SELECT
Rank,
SpecialRank,
TotalRank,
DonationTime,
RankExpirationTime + INTERVAL 766 HOUR
FROM users_donor_ranks
WHERE UserID = '1' SQL error: 0 ()
the sql table that i am using
CREATE TABLE `users_donor_ranks` (
`UserID` int(10) NOT NULL DEFAULT '0',
`Rank` tinyint(2) NOT NULL DEFAULT '0',
`DonationTime` datetime DEFAULT NULL,
`Hidden` tinyint(2) NOT NULL DEFAULT '0',
`TotalRank` int(10) NOT NULL DEFAULT '0',
`SpecialRank` tinyint(2) DEFAULT '0',
`InvitesRecievedRank` tinyint(4) DEFAULT '0',
`RankExpirationTime` datetime DEFAULT NULL,
PRIMARY KEY (`UserID`),
KEY `DonationTime` (`DonationTime`),
KEY `SpecialRank` (`SpecialRank`),
KEY `Rank` (`Rank`),
KEY `TotalRank` (`TotalRank`)
) ENGINE=InnoDB CHARSET=utf8mb4;
the query i am making
G::$DB->query("
SELECT
Rank,
SpecialRank,
TotalRank,
DonationTime,
RankExpirationTime + INTERVAL 766 HOUR
FROM users_donor_ranks
WHERE UserID = '$UserID'");
RANK is a reserved word in MySQL starting version 8.0.2.
You would need to quote this identifier, using backticks:
SELECT
`Rank`,
SpecialRank,
TotalRank,
DonationTime,
RankExpirationTime + INTERVAL 766 HOUR
FROM users_donor_ranks
WHERE UserID = ?
This question already has answers here:
MYSQL - Impossible to create an external key
(1 answer)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Reference - What does this error mean in PHP?
(38 answers)
Closed 3 years ago.
I am a self taught programmer in college and I am super confused since few days. I am working on the backend of a job listing website. The user will be able to post a job and I have three tables: jobs, keywords and requirements. The job_id is the primary key of jobs and also a foreign key in the keywords table. Right now, I am only able to insert data in the jobs table and I am not able to key anything from the keywords table. Each job_id can have multiple keyword.
SQL - jobs table
CREATE TABLE `jobs` (
`title` text NOT NULL,
`type` text NOT NULL,
`location` text NOT NULL,
`salary` int(11) NOT NULL,
`description` text NOT NULL,
`date` date NOT NULL,
`job_id` int(11) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (`job_id`)
) ENGINE=InnoDB AUTO_INCREMENT=34 DEFAULT CHARSET=latin1;
SQL - keywords table
CREATE TABLE `keywords` (
`keyword_id` int(11) NOT NULL AUTO_INCREMENT,
`keyword` text NOT NULL,
`job_id` int(11) NOT NULL,
PRIMARY KEY (`keyword_id`),
KEY `job_id` (`job_id`),
CONSTRAINT `keywords_ibfk_1` FOREIGN KEY (`job_id`) REFERENCES `jobs` (`job_id`)
) ENGINE=InnoDB AUTO_INCREMENT=28 DEFAULT CHARSET=latin1;
PHP (I know the code is not secured yet but I just want to understand first)
<?php
require("../config/db.php");
require("add-jobs.php");
$link = mysqli_connect("localhost","root","","benoit");
$title = $_POST["position"];
$type = $_POST["job-type"];
$location = $_POST["location"];
$salary = $_POST["salary"];
$description = $_POST["description"];
$date = $publisheddate;
$keywords = $_POST["keywords"];
mysqli_query($link,"INSERT INTO jobs (`title`, `type`, `location`, `salary`, `description`, `date`)
VALUES ('$title', '$type', '$location', '$salary', '$description', CURDATE())")
or die(mysqli_error($link));
foreach ($keywords as $keyword){
mysqli_query($link, "INSERT INTO keywords (`keyword`) VALUES ('$keyword')");
}
?>
Get insert id with $mysqli->insert_id and use it:
mysqli_query($link, ".....");
$insert_id = mysqli_insert_id($link);
foreach ($keywords as $keyword){
mysqli_query($link, "INSERT INTO keywords (`job_id`, `keyword`) VALUES ($insert_id, '$keyword')");
}
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 3 years ago.
I'm usually good at this, and while I was finishing my project; I ran into an error. PDO was giving me a syntax error, that I couldn't wrap my head around. Maybe I'm just tired, but this is driving me crazy.
This is what I'm using for my PHP code:
$records = $conn->prepare('INSERT INTO users (username, email, password, limit) VALUES (:username, :email, :password, :theLimit)');
$records->bindParam(':username', $_POST['username']);
$records->bindParam(':password', password_hash($_POST['password'], PASSWORD_BCRYPT));
$records->bindParam(':email', $_POST['email']);
$records->bindParam(':theLimit', $_GET['amt']);
My database is as follows:
CREATE TABLE `users` (
`id` int(11) UNSIGNED NOT NULL,
`username` varchar(250) NOT NULL DEFAULT '',
`email` varchar(250) NOT NULL DEFAULT '',
`password` varchar(200) NOT NULL DEFAULT '',
`limit` varchar(200) NOT NULL DEFAULT '',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
The error I get is this:
Array ( [0] => 42000 [1] => 1064 [2] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'limit) VALUES ('F', 'some_person#email.com', '$2y$10$gacC/a8zA3jCbPpKNTddtu4dBG' at line 1 )
And finally, the URL looks like this:
https://website.com/reg.php?serial=306019525D31&amt=10
I have even tried:
$records->bindParam(':theLimit', $_POST['email']);
thinking it might've been the URL. Same error.
I redid the database, same error.
Any ideas?
Thank you!
LIMIT is a reserved MySQL keyword, so you should escape it:
$sql = "INSERT INTO users (username, email, password, `limit`) ";
$sql .= "VALUES (:username, :email, :password, :theLimit)";
$records = $conn->prepare($sql);
Actually, you should avoid naming your objects using LIMIT or any other reserved keyword. Otherwise, you will always have to escape them as done above.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 5 years ago.
there are a lot of ways to work with variable in this area, but this place of the variable seems to work with the syntax I wrote beneath. Except, it doesn't.
$name = (string)$_GET['name'];
mysqli_select_db($con,"dbtest");
// sql to create table
$sql = "CREATE TABLE '".$name."' (
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
firstname VARCHAR(30) NOT NULL,
lastname VARCHAR(30) NOT NULL,
email VARCHAR(50),
reg_date TIMESTAMP
)";
Try this:
(get rid of quotes and double quotes around your variable -> name)
$sql = "CREATE TABLE $name (
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
firstname VARCHAR(30) NOT NULL,
lastname VARCHAR(30) NOT NULL,
email VARCHAR(50),
reg_date TIMESTAMP
)";