This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 5 years ago.
I'm trying to do MySQL query with update on duplicate key but I can't see whats wrong with syntax because getting "syntax error or access violation" error.
code:
$sql = "INSERT INTO site_configuration
(configuration_key, configuration_value, additional_data)
VALUES
(:config_key, :site_new_background, :site_background_meta)
ON DUPLICATE KEY UPDATE
'configuration_value' = VALUES(:site_new_background), 'additional_data' = VALUES(:site_background_meta)";
$smth = $database->prepare($sql);
$smth->bindParam(':config_key', $config_key, PDO::PARAM_STR);
$smth->bindParam(':site_new_background', $site_new_background, PDO::PARAM_STR);
$smth->bindParam(':site_background_meta', $site_background_meta, PDO::PARAM_STR);
Error message:
'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''configuration_value' = VALUES(?), 'additional_data' = VALUES(?)'
remove the single quote from the statement
$sql = "INSERT INTO site_configuration
(configuration_key, configuration_value, additional_data)
VALUES
(:config_key, :site_new_background, :site_background_meta)
ON DUPLICATE KEY UPDATE
configuration_value = VALUES(:site_new_background), additional_data = VALUES(:site_background_meta)";
Related
This question already has answers here:
How to apply bindValue method in LIMIT clause?
(11 answers)
Closed 2 years ago.
I am trying to get some products from my database with a prepared PDO statements. The formula worked well if I included the variable inside the SQL but of course this is really bad practice.
Working formula:
protected function getSomeProducts($somequantity){
$sql = "SELECT * FROM products ORDER by ID DESC LIMIT $somequantity";
$stmt = $this->connect()->query($sql);
$result = $stmt->fetchAll();
return $result;
My approach to the prepared statement:
protected function getSomeProducts($somequantity){
$sql = "SELECT * FROM products ORDER by ID DESC LIMIT ?";
$stmt = $this->connect()->prepare($sql);
$stmt->execute([$somequantity]);
$result = $stmt->fetchAll();
return $result;
}
This is the error message I get:
Fatal error
: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''6'' at line 1.
Any idea what Im doing wrong could be?
replace the below line
$stmt->execute([$somequantity]);
with
$stmt->bindParam(1, $somequantity, PDO::PARAM_INT);
$stmt->execute();
This question already has answers here:
MySQL Insert query doesn't work with WHERE clause
(31 answers)
Closed 2 years ago.
please help me to solve this error.i tired from searching solution...
error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE name=NULL' at line 1
my database have 3 column=id(int),name(varchar),comment(varchar) and i want insert comment to it.
my php code :
<?php
include "./Config.php";
include './MyPDO.php';
$response = array() ;
$connect = MyPDO::getInstance();
$name = $_REQUEST['name'];
$comment=$_REQUEST['comment'];
$query = " INSERT INTO user "
. " (comment) "
. " VALUES "
. " (:comment) "
. " WHERE name=:name ";
$stmt = $connect->prepare($query);
$stmt->bindParam(":name",$name);
$stmt->bindParam(":comment",$comment);
try {
$stmt->execute();
$response['massage'] = "sucess";
echo json_encode($response);
exit;
} catch (PDOException $ex) {
$response['massage'] = "error";
$response['error']=$ex->getMessage();
echo json_encode($response);
}
Looks like you mixed the syntax here. You seem to want to update an existing record. Use
update user
set comment = :comment
where name = :name
insert if for creating a new record.
The insert into ... values() syntax does not take a where clause.
If you want to insert, then:
insert into user(name, comment) values(:name, :comment)
But actually it looks like you might want an update:
update users set comment = :comment where name = :name;
The former creates a new record in the table, with the given name and comment.
The latter modifies the already-existing record that has the same name and sets its comment value.
This question already has answers here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
MySQL: "error in your SQL syntax ... near key ..."? [closed]
(6 answers)
Reference - What does this error mean in PHP?
(38 answers)
Closed 4 years ago.
I'm trying to execute an SQL INSERT but I am getting the error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key) VALUES (example#example.com, hello)' at line 1
The values in the table are: id(auto increment), email and key which are both varchar(255) with the id being (int).
function validate($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$key = 'hello';
$email = validate($_POST['email']);
$insert = $user->recordPasswordReset($email, $key);
public function recordPasswordReset($email, $key)
{
try
{
$db = DB();
$sql = "INSERT INTO password_reset(email, key) VALUES (:email, :key)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':key', $key, PDO::PARAM_STR);
$stmt->execute();
}
catch (PDOException $e)
{
echo ($e->getMessage());
}
}
Can anybody see any errors in my code?
Firstly, as per the documentation, your field name key is a reserved keyword. You need to use back ticks around it.
Change,
INSERT INTO password_reset(email, key) VALUES (:email, :key)
To,
INSERT INTO password_reset(email, `key`) VALUES (:email, :key)
Secondly, please don't use an all-in-one sanitize function as they generally have some form of flaw in them.
Thirdly, you are using visibility keywords outside of a class.
This question already has answers here:
How to apply bindValue method in LIMIT clause?
(11 answers)
Closed 7 years ago.
$conn = getConn();
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "select * from posts where fk_user_id in (select id_user_1 from contacts where id_user_2=:_id) or (select id_user_2 from contacts where id_user_1=:_id) or :_id order by date desc limit 15 offset :_offset";
$stmt = $conn->prepare($sql);
$stmt->bindParam('_id', $id);
$o = "0";
$stmt->bindParam('_offset', $o);
Connection failed: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''0'' at line 1
For some reason it doesn't bind the param correctly; if I manually put a 0 in the SQL everything works.
Fix: I fixed if by adding PDO::PARAM_INT. $stmt->bindParam(':_offset', $offset, PDO::PARAM_INT);
You're binding parameters incorrectly. It should be:
$stmt->bindParam(':_id', $id);
$offset = 0;
$stmt->bindParam(':_offset', $offset, PDO::PARAM_INT);
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 7 years ago.
I'm getting an error with PDO:
PDOStatement::execute() [pdostatement.execute]: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key, pseudo, ip, date) VALUES ('mykeyperso', 'mrthebigbosseur', '86.208.78.145',' at line 1 in /home/a1394006/public_html/api/skype.php on line 51
And I don't know why
My source code:
$req = $bdd->prepare('INSERT INTO logs (key, pseudo, ip, date) VALUES (:key, :pseudo, :ip, :date)');
$req->bindParam(":key", $key1, PDO::pARAM_STR);
$req->bindParam(":pseudo", $pseudo1, PDO::pARAM_STR);
$req->bindParam(":ip", $ip1, PDO::pARAM_STR);
$req->bindParam(":date", $date, PDO::pARAM_STR);
$req->execute();
My variable:
$key1 = $_GET['key'];
$pseudo1 = $_GET['pseudo'];
$ip1 = $_SERVER['REMOTE_ADDR'];
$date = $_SERVER['REQUEST_TIME'];
My database: http://prntscr.com/6zjsmd
So if someone can help me plz
Key is a reserved word in mysql. To use it as a column name, wrap it in backticks (`key`). Double quotes would apparently also work in ANSI SQL mode.