I have tried to parsing data from url and this is part of xml data
-
<players category="Attackers">
<player id="206651">
<name>Thapelo Tale</name>
<firstname>Thapelo</firstname>
<lastname>Tale</lastname>
<team></team>
<teamid></teamid>
<nationality>Lesotho</nationality>
<birthdate>22/04/1988</birthdate>
<age>25</age>
<birthcountry>Lesotho</birthcountry>
<birthplace>Maseru</birthplace>
<position>Attacker</position>
<height>169 cm</height>
<weight></weight>
<image>
and using this code
<?php
$xmlLinq_player=simplexml_load_file("note.xml");
foreach($xmlLinq_player->player as $player) {
$player_id = $player->attributes()->id;
if($player_id){
$team_name=mysql_real_escape_string($player->team);
$team_id=mysql_real_escape_string($player->teamid);
if($team_id =='' || !$team_id){
$team_id=0;
}
$nationality=mysql_real_escape_string($player->nationality);
$fullname=mysql_real_escape_string($player->name);
$firstname=mysql_real_escape_string($player->firstname);
$lastname=mysql_real_escape_string($player->lastname);
$birthdate=$player->birthdate;
$birthdate=date('Y-m-d', strtotime(str_replace('-', '/', $birthdate)));
$birthcountry=mysql_real_escape_string($player->birthcountry);
$birthplace=mysql_real_escape_string($player->birthplace);
$logo=$player->image;
$position=mysql_real_escape_string($player->position);
$height=$player->height;
$weight=$player->weight;
$query = sprintf("INSERT INTO players (PlayerId,TeamId, FullName, FirstName, LastName, Nationality, BirthDate, BirthCountry, BirthPlace, PositionFull, Height,Weight,Photo)
VALUES($player_id, $team_id, '$fullname', '$firstname', '$lastname', '$nationality', '$birthdate', '$birthcountry','$birthplace','$position','$height','$weight','$logo')
ON DUPLICATE KEY UPDATE FullName = VALUES(FullName),FirstName = VALUES(FirstName), LastName = VALUES(LastName), Nationality = VALUES(Nationality), BirthDate = VALUES(BirthDate), BirthCountry = VALUES(BirthCountry),
BirthPlace = VALUES(BirthPlace),PositionFull = VALUES(PositionFull),Height = VALUES(Height),Weight = VALUES(Weight),Photo = VALUES(Photo)");
$result = mysql_query($query);
if (!$result){
$message = mysql_error() ;
//$message = 'Whole Query: ' .$query;
die($message);
}
}
}
}
}
?>
then it give this problem
( You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '\n , 'Thapelo Tale', 'Thapelo', 'Tale', 'Lesotho', '1970-01-01', 'Lesotho','M' at line 2 ) please help .. how to solve this problem thanks
Check on duplicate key update syntax
INSERT INTO players (PlayerId,TeamId, FullName, FirstName, LastName, Nationality, BirthDate, BirthCountry, BirthPlace, PositionFull, Height,Weight,Photo)
VALUES($player_id, $team_id, '$fullname', '$firstname', '$lastname', '$nationality', '$birthdate', '$birthcountry','$birthplace','$position','$height','$weight','$logo')
ON DUPLICATE KEY UPDATE FullName = '$FullName',FirstName ='$FirstName', LastName = '$LastName',
Nationality = '$Nationality', BirthDate = '$BirthDate', BirthCountry = '$BirthCountry',BirthPlace = '$BirthPlace',PositionFull = '$PositionFull',
Height = '$Height',Weight = '$Weight',Photo = '$Photo'");
Related
i work on an simple mutiple INSERT INTO that works fine in phpmyadmin.
When i execute the same code in php i recieve an error:
1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INSERT INTO fm_support_cont (sup_id_cont, mail, phone) VALUES ((SELECT s' at line 2
Thank you :-)
INSERT INTO `fm_support` (`name`, `surname`, `role_id_sup`) VALUES (?,?,?);
INSERT INTO `fm_support_cont` (`sup_id_cont`, `mail`, `phone`) VALUES ((SELECT sup_id FROM `fm_support` WHERE name = ? AND surname = ?),?,?);
INSERT INTO `fm_user` (`user`, `isadmin`, `user_data`) VALUES (?,?,(SELECT sup_id FROM `fm_support` WHERE name =? AND surname = ?));
The PHP CODE i use:
private function includeNewUser()
{
$data = $this->d;
$newName = $data[0];
$newSurname = $data[1];
$newRole = $data[2];
$newEmail = $data[3];
$newPhone = $data[4];
$newUser = $data[5];
$newIsadmin = $data[6];
$newApw = password_hash($data[7], PASSWORD_DEFAULT);
$SQL = " INSERT INTO `fm_support` (`name`, `surname`, `role_id_sup`) VALUES (?,?,?);
INSERT INTO `fm_support_cont` (`sup_id_cont`, `mail`, `phone`) VALUES ((SELECT sup_id FROM `fm_support` WHERE name = ? AND surname = ?),?,?);
INSERT INTO `fm_user` (`user`, `isadmin`, `user_data`) VALUES (?,?,(SELECT sup_id FROM `fm_support` WHERE name =? AND surname = ?));";
$conn = $this->connect();
if($stmt = $conn->prepare($SQL)) {
$stmt->bind_param("ssisssssiss", $newName, $newSurname, $newRole, $newName, $newSurname, $newEmail, $newPhone, $newUser, $newIsadmin, $newName, $newSurname);
$stmt->execute();
//$result = $stmt->get_result();
//$insertResult = $result->fetch_assoc();
if($newIsadmin == 1)
{
$stmt = $db->prepare("INSERT INTO `fm_apw`(`pw_for`, `pw`) VALUES ((SELECT id FROM fm_user WHERE user = ?), ?);");
$stmt->bind_param("ss",$newUser, $newApw);
$stmt->execute();
}
$result = true;
}
else
{
$result = $conn->errno . ' ' . $conn->error;
echo $result; // 1054 Unknown column 'foo' in 'field list'
//$result = false;
}
return $result;
}
}
I am trying to store the data from a form into a postgresql but I am getting the error
Warning: pg_query(): Query failed: ERROR: syntax error at or near ","
LINE 2: ..., '1212121212', '01/06/2000', 'Gurjeet', 'Singh',
,'12121212... ^ in C:\xampp\htdocs\login.php on line 36 Error with
query: ERROR: syntax error at or near "," LINE 2: ..., '1212121212',
'01/06/2000', 'Gurjeet', 'Singh', ,'12121212... ^
The values in the single inverted commas are the value that I have given input through the html form.
Here is my php code
if(isset( $_POST['econtct']))
$emergency_number = $_POST['econtct'];
$mobile = 1212121212;
if(isset( $_POST['date']))
$ DOB = $_POST['date'];
if(isset( $_POST['fnam']))
$first_name = $_POST['fnam'];
if(isset( $_POST['lnam']))
$last_name = $_POST['lnam'];
//$blood_group = $_POST['bgr'];
if(isset( $_POST['uidd']))
$aadhar = $_POST['uidd'];
if(isset( $_POST['address']))
$address = $_POST['address'];
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
$result = pg_query($db,$query);
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
}
printf ("These values were inserted into the database");
pg_close();
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
You have two commas between $last_name and $aadhar
There seems to an extra comma in your query:
Incorrect:
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name', ,'$aadhar', '$address' )";
Correct:
$query = "INSERT INTO user_details (emergency_number, mobile, DOB, first_name, last_name, aadhar, address)
VALUES ('$emergency_number', '$mobile', '$DOB', '$first_name', '$last_name','$aadhar', '$address' )";
Can you remove that and try once again
Can you help me guys to fix my error, I stack with this error message the problem is only when inserting data into database.
I don't know if my code is an old coding style.
I badly need your help guys sorry for my English.
<?php
if ($sID > 0) {
$query = "UPDATE `shows`
SET video = '$video',
title = '$title',
description = '$description',
content = '$content',
episodes = '$episodes',
duration = '$duration',
pilot_rating = '$pilot_rating',
pilot_share = '$pilot_share',
sold_in = '$sold_in',
production = '$production',
marketing = '$marketing',
rating = '$rating',
awards = '$awards',
alias = '$alias',
publish = '$publish',
posted = '$posted',
`show` = '1',
catid2 = '$catID2',
catid = '$catID',
modified_date = '$modified_date',
modified_by = '".$_SESSION['cpuid']."',
now_available = '$now_available',
all_titles = '$all_titles',
hot_clips = '$hot_clips',
featured_program = '$featured_program'
WHERE sid = '$sID'";
} else {
$query = "INSERT INTO `shows` ( video, title, description, content, episodes, duration, pilot_rating, pilot_share, sold_in, production, rating, awards, alias, publish, posted, show, catmain, catid2, catid, created_by, modified_date, modified_by, now_available, all_titles, hot_clips, featured_program ) VALUES ('$video', '$title', '$description', '$content', '$episodes', '$duration', '$pilot_rating', '$pilot_share', '$sold_in', '$production', '$rating', '$awards', '$alias', '$publish', '$posted', '1', '1', '$catID2', '$catID', '".$_SESSION['cpuid']."', '$modified_date', '".$_SESSION['cpuid']."', '$now_available', '$all_titles', '$hot_clips', '$featured_program' )";
}
mysql_query($query) or die('Error, query failed'.mysql_error());
?>
I am working on a small project. I have a text area while I explode into lines using
$address_complete = $_POST['address'];
$address_array = explode("\n", $address_complete);
$address_count = count($address_array);
Now I know how many values coming from this array. Now I have built a query to insert into my database:
$query = "INSERT INTO customer SET ID = '$id',
Name = '$name',
Email = '$email',
Address1 = IF('$address_array[0]' = '', Address1, '$address_array[0]'),
Address2 = IF('$address_array[1]' = '', Address1, '$address_array[1]'),
Address3 = IF('$address_array[2]' = '', Address1, '$address_array[2]'),
Address4 = IF('$address_array[3]' = '', Address1, '$address_array[3]'),
Address5 = IF('$address_array[4]' = '', Address1, '$address_array[4]'),
City = '$city',
Country = '$country'";
mysqli_query($dbc,$query);
Above working fine as long I have 5 values coming from the text area. But If I have less then I get error "Undefined offset:"
I thought of making a while loop inside query but I am still new to the awesome world of php so not really know. Did look around but can't find the right answer.
I am sure you guys can help but please remember I am new so easy language please :)
Thanks
$query = "INSERT INTO customer SET ID = '$id',
Name = '$name',
Email = '$email',";
$addressQuery="";
for($i=0;$i<$count;$i++)
{
$addressQuery = $addressQuery + "Address'$i+1'=IF('$address_array[$i]' = '', Address'$i+1', '$address_array[$i]'),";
}
$query = $query + $addressQuery;
$query = $query + "City = '$city',
Country = '$country'";
mysqli_query($dbc,$query);
Fix the assignment to generate the correct number of array items
$address_array = address_pad(explode("\n", $address_complete), 5, '');
Fix the query construction using the ternary operator and a loop
foreach($address_array as $index => $value) {
$query .= ($value) ? " `Address{$index + 1}` = '{$value}'," : "";
}
I assumed that you have set default values to Address1,2,3,4 and 5 in case they are empty.
$query = "INSERT INTO customer SET ID = '$id',
Name = '$name',
Email = '$email',
City = '$city',
Country = '$country'";
for($i=0;$i<$address_count;$i++)
{
if($address_array[$i] != '')
$query .=", Address".($i+1)." = '$address_array[$i]'";
}
mysqli_query($dbc,$query);
My sql query is :
"INSERT INTO
order customer_id = $customer_id
, firstname = '".$firstname."'
, lastname = '".$lastname."'
, email = '".$email."'
, telephone = '".$telephone."'
, fax = '".$fax."'
, ip = '".$ip."'
, date_added = NOW()
, date_modified = NOW()
";
I get the error
Notice: Error: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to
use near 'order customer_id =1,firstname ='kuldeep',lastname
='pathak',email ='kuldeep.pat' at line 1 Error No: 1064
You didnt understand how to write SQLs as it seems.
$sql = 'INSERT INTO `order` (customer_id, firstname, blablabla) VALUES ('.$custormer_id.','.$firstname.','.$blablabla.')';
Please look at some basic tutorials about SQL.
"INSERT INTO
`order` SET customer_id = " . $customer_id . "
, firstname = '".$firstname."'
, lastname = '".$lastname."'
, email = '".$email."'
, telephone = '".$telephone."'
, fax = '".$fax."'
, ip = '".$ip."'
, date_added = NOW()
, date_modified = NOW()
";
Should be alright. DonĀ“t forget to escape your data though.
Try
"INSERT INTO `Order` (customer_id, firstname, lastname, email, telephone, fax, ip, date_added, date_modified)
VALUES ($customer_id, '$firstname', '$lastname', '$email', '$telephone', '$fax', '$ip', NOW(), NOW())"
The right syntax is : INSERT INTO tablename (columns) VALUES (values);
If you're likely to have user submitted fields in the dataset or appostrophes or anything else that could cause problems for any reason you'd want something more like
$query = sprintf("INSERT INTO `table` (`Name`, `Email`, `AnotherField`) VALUES ('%s', '%s', '%s'",
mysql_real_escape_string( $_POST['Name'] ),
mysql_real_escape_string( $_POST['Email'] ),
mysql_real_escape_string( $_POST['AnotherField'] )
);
This will sanitise your inputs as well
Use prepared statement to avoiding sql injection.
$custormer_id = "2000";
$firstname = "first name";
$etc = "some other values";
$mysqli = new mysqli('localhost', 'user', 'password', 'database');
$stmt = $mysqli->prepare("INSERT INTO order(customer_id, firstname, etc) VALUES (?, ?, ?)");
$stmt->bind_param('iss', $custormer_id, $firstname, $etc);
// first parameter is corresponding variable type of inserting values,eg i=interger, s=string
$stmt->execute();
$stmt->close();
http://php.net/manual/en/mysqli-stmt.bind-param.php