I am attempting to insert some user-inputted data into my MySQL table using the following command:
$sql = "INSERT INTO Queued ('$role') VALUES ('$sname')";
Interestingly enough, I get the following error:
Error: INSERT INTO Queued ('Tops') VALUES ('Summoner')
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''Tops') VALUES ('Summoner')' at line 1
To be honest, I am relatively new at using PHP as well as MySQL, but I can't seem to find the error in my syntax; the Queued table does exist, $role and $sname are both strings so I encased them in single quotes. I suspect this is a newbie mistake, could anyone point me in the right direction?
This is due to use of single quotes ' around the column name. The query should be like:
$sql = "INSERT INTO Queued ($role) VALUES ('$sname')";
OR
$sql = "INSERT INTO Queued (`$role`) VALUES ('$sname')";
Try this format
$sql = "INSERT INTO Queued ('".$role."') VALUES ('".$sname."')";
`s role is to differentiate between built in SQL words and the column names, so if a word is used for name of a column that might be also a built in sql expression then `` are needed around it
Related
I've been using this for loop to insert information into my database:
$values = array();
for($x=1;$x<=3;$x++){
$values[]= $_POST["FCKeditor".$x];
}
echo implode(",",$values);
$sql = "INSERT INTO virus (v1,v2,v3) VALUES(".implode(",",$values).")";
However, when I looked at the result on the webpage, it gave me this message:
a1
,b2
,c3
INSERT INTO virus (v1,v2,v3) VALUES(a1
,b2
,c3
)You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '>,b2
,c3
)' at line 1
Can someone help solve this issue?
Very likely the problem is the missing quotes, and you probably wanted something like the following for your values portion:
"'".implode("','",$values)."'"
Which gives you something like:
'abc','xyx','123'
Of course I am assuming that they are all of string type. If some are not, then you need to make sure strings are quoted and numbers are not etc.
The best is for sure to use place holders, then you do not need to go through this trouble at all.
I am trying to do a simple INSERT, but I keep on getting this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM,TO,ID,CURRENCY1,CURRENCY2,AMOUNT,NOTE,RATE) VALUES('test', 'test2', 'dd', '' at line 2
Here is my code:
mysql_query("INSERT INTO WIRET
(FROM,TO,ID,CURRENCY1,CURRENCY2,AMOUNT,NOTE,RATE) VALUES('$from', '$to', '$ID', '$currency1', '$currency2', '$amount','$note', '$rate') ")
or die(mysql_error());
Why am I getting this error? I copied this script from another area of my site where it works, I just changed the values.
FROM is a reserved word in MySQL (and SQL in general). If you really have a column named FROM you should wrap it with ` (backticks) so the parser knows you mean a name:
INSERT INTO WIRET (`FROM`, TO, ID, CURRENCY1, ...
If your column is named from you have to put it into "`" (backticks) because FROM is also a SQL keyword.
By putting a keyword (FROMhere) into backticks you say "this is not a SQL keyword" to the DBMS.
Example:
INSERT INTO WIRET (`FROM`,TO,ID,...
my basic insert query is not working.. i know its a very basic, raw sort of question to ask but m unable to sort out
my code
$a="nvsdjkvn";
$b="bhjxcbncj";
mysql_select_db("vas1",$con);
$s = "insert into updates(update,dates) values ('$b','$a')";
$re = mysql_query($s);
i got this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'update,dates) values ('nvsdjkvn','bhjxcbncj')' at line 1
my table name is: updates with two columns 'update' and 'dates' both of type 'varchar'
update is a reserved word in SQL and must therefore be enclosed in backticks if not used as a reserved word:
$s = "insert into updates(`update`,dates) values ('$b','$a')";
UPDATE is a reserved word in MySQL. To use in your query, you should properly escape it.
Here is a complete list of MySQL reserved words.
Change -
$s = "insert into updates(update,dates) values ('$b','$a')";
To
$s = "insert into updates(`update`,`dates`) values ('".$b."','".$a."')";
Mysql extension is deprecated as of PHP 5.5.0, and is not recommended
for writing new code as it will be removed in the future. Instead,
either the mysqli or PDO_MySQL extension should be used. See also the
MySQL API Overview for further help while choosing a MySQL API.
I'm afraid to say so but we are not allowed to name a table just like a keyword.
Please go through the rule set for naming conventions
http://www.isbe.state.il.us/ILDS/pdf/SQL_server_standards.pdf
mysql_query("
INSERT INTO trades (id, cpair, oprice, cprice, bos, ooc, dateandtime)
VALUES (null, $currency, $openingprice, $closingprice, $buysell,
$openorclosed, $datetime"
);
What's wrong with this code that is making is error like this?
Error:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near ' , 1, 1, 2012-10-12 13:57:08' at line 1
You cannot insert a NULL for the id, this is probably a required field.
If it is auto-incrementing, just ignore it and it will automatically fill itself in.
Any strings need to be quoted in the MySQL command string, and you might need to invoke functions for converting the datetime from a string.
Wow! For one, you're not treating strings like strings. You're just echoing out anything into that query. Bad idea, and as you can see, not going to work.
you need to add single quotes around each var that is a string in your VALUES() statement at least.
mysql_query("
INSERT INTO trades (id, cpair, oprice, cprice, bos, ooc, dateandtime)
VALUES (null, $currency, $openingprice, $closingprice, $buysell,
$openorclosed, '$datetime'"
);
Next step is to switch to PDO and sanitize your input.
I have a following code:
<?php
include("config.php");
$key = 'blahblah';
$sql = "INSERT INTO softversions SET key='$key'";
$result = mysql_query($sql) or die ($mysql_error());
echo "dude";
?>
This gives me an error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key='svksskjfvns'' at line 1
The thing is that I've used this script about a hundred times on other pages and it worked.
Table and field names are 100% correct.
I don't understand what is going on.
Do you see the syntax error there?
KEY is a reserved word in MySQL and you need to escape it using backticks to use it as a column name and also you should not use SET when inserting.
$sql = "INSERT INTO softversions (`key`) VALUES ('$key')";
key is a reserved word in MySQL. To use it as a column, you need to escape it every time you call it.
$sql = "INSERT INTO softversions SET `key`='$key'";
$sql = "INSERT INTO softversions(keyName) values('{$key}')";