This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 6 years ago.
I'm new on StackOverflow. Hope I'm doing the questioning correctly.
I'm trying to insert data from an external XML (URL) into an SQL table, but I get:
Error: INSERT INTO 'table_name' ('price')VALUE ('5.95')
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use
near ''BBB' ('price')VALUE ('5.95')' at line 1
I'm able to ECHO and PRINT values from the XML and also able to INSERT non-xml values into the table. The code I'm using is:
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "dbname";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$xml=simplexml_load_file("external_xml_url") or die("Error: Cannot create object");
foreach ($xml->product as $row) {
$price = $row -> price;
$sql = "INSERT INTO 'table_name' ('price')"
. "VALUES ('$price')";
}
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Would be great if someone can help me out on this one. I've the feeling I'm pretty close...
As far as I know, with MariaDB you have to use Backticks to "qoute" an object's name.
Try it like this:
$sql = "INSERT INTO `table_name` (`price`) VALUES ('$price')";
If you do not deal with dangerous object names you might use just
$sql = "INSERT INTO table_name (price) VALUES ('$price')";
If you got your price properly then you should check your query
Ex.
INSERT INTO table_name (price) VALUES ('$price')
Related
I'm stuck with a syntax error for a SQL query to insert data into a table.
Ah, the syntax error, most useless of all errors!!
Using the code modified from PHP Insert Data Into MySQL using both mysqli and PDO methods.
e.g.:
<?php
$servername = "localhost";
$username = "4w_write";
$password = "GjByhJzrQueHgTzw";
$dbname = "4w_test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO 4w (email) VALUES ($email)";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Having stripped it down to a single variable which isn't using a keyword, I'm pretty sure the problem is with my table.
SQL Query:
INSERT INTO 4w (email) VALUES (myemail#gmail.com)
Error:
Error: INSERT INTO 4w (email) VALUES (myemail#gmail.com) You have an
error in your SQL syntax; check the manual that corresponds to your
MariaDB server version for the right syntax to use near '#gmail.com)'
at line 1
SQL table (4w):
# Name Type Default
1 id [Primary,Index] int(11)
2 email varchar(255)
3 whatIs tinytext
4 whereIs text
5 whattodo text
6 imageURL text
7 whenRep timestamp CURRENT_TIMESTAMP
The email value is a string, so you need to surround it with quotes:
$sql = "INSERT INTO 4w (email) VALUES ('$email')";
Or, better yet, use a prepared statement and bind it's value.
Couldn't see the problem, missing quotes....
Original code:
$sql = "INSERT INTO 4w (email) VALUES ($email)";
Fixed code:
$sql = "INSERT INTO 4w (email) VALUES ('$email')";
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 5 years ago.
I have a PHP code, it gets data from HTML form and insert in into SQL table. But I can do this because of error:
Here is my code:
<html>
<?
$name = $_get['name'] ;
$mob = $_get['mob'] ;
$email = $_get['email'] ;
//config
$servername = "localhost";
$username = "lozaair_datam";
$password = ".8#l2)S3+d%*";
//end-config
//db connect
try {
$conn = new PDO("mysql:host=$servername;dbname=lozaair_orders", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//data input
$sql = "INSERT INTO `orders` (`name`, `mob`, `email`) VALUES ($name , $mob , $email )";
$conn->exec($sql);
//end- data input
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
//end- db connect
//db close
$conn = null;
//end- db close
?>
</html>
i tried many ways but is not working.
I think you need to surround your variables with single quotes in your query. Try below one:
$sql = "INSERT INTO `orders`(`name`, `mob`, `email`) VALUES('$name', '$mob', '$email')";
This question already has answers here:
Insert into a MySQL table or update if exists
(12 answers)
Closed 6 years ago.
In my PHP script I save data to database (hash, sala).
I want to update hash if sala is exists (update hash in same row).
How to change in my script?
$sala = $_POST['sala'];
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
} else{
echo "Polaczono";
}
$sql = "INSERT INTO instructions (hash, sala)
VALUES ('$newfilename', '$sala')";
if ($conn->query($sql) === TRUE) {
echo "Dane dodano prawidłowo";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
You can use INSERT ... ON DUPLICATE KEY syntax to update the value if key already exists, e.g.:
INSERT INTO instructions (hash, sala) VALUES("A", "B") ON DUPLICATE KEY UPDATE
hash = "C";
Here is the documentation.
Use this query instead:
$sql = "INSERT INTO instructions (hash, sala)
VALUES ('$newfilename', '$sala')
ON DUPLICATE KEY UPDATE hash='$newfilename'";
Also you need to create UNIQUE KEY on column sala.
And don't forget about SQL injection attack as you been told before.
I have been developing a website on localhost with xampp and everything worked perfect. so i moved to a web host for the first time. I have edited my connection string to fit the web server and it connects fine but when i tried testing the registration page i designed it doesn't insert data into the database. I tried a simple insert statement on a separate script
<!DOCTYPE html>
<html>
<body>
<?php
$conn = mysql_connect("localhost", "my_db_user_name", "my_db_password");
$db = mysql_select_db("my_db_name");
$query1 = mysql_query("INSERT INTO users firstname VALUES 'Patrick'",$conn);
if($query1) {
echo "Yes";
} else {
echo "didn't work";
}
echo mysql_error($query1);
?>
</body>
</html>
It returned the didn't work and didn't insert anything neither did it echo any error. But when i tried a select statement and echo the result of the query it worked so its safe to say my connection is valid.
I also went to my cpanel phpmyadmin interface and tried the same insert statement it didn't work but returned:
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use
near 'firstname VALUES 'Patrick'' at line 1.
I tried with and without back ticks the same thing. but i can select query.
You missed the correct syntax for the insert.
INSERT INTO table_name (column1, column2, column3,...)
VALUES (value1, value2, value3,...)
Example from w3schools:
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO MyGuests (firstname, lastname, email)
VALUES ('John', 'Doe', 'john#example.com')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
http://www.w3schools.com/php/php_mysql_insert.asp
Your query needs to look like this
INSERT INTO (columns) VALUES (values)
So you will get
INSERT INTO users (firstname) VALUES ('Patrick');
Dude... one second google, and you would have your answer.
http://www.w3schools.com/sql/sql_insert.asp
Also, the error says there is a SYNTAX ERROR. It is so difficult to understand? Why you don't simply check your syntax?
INSERT INTO users (firstname) VALUES ('Patrick')
Hello i have a problem with my query ill keep getting errors from my query
this is my error;
Error: BEGIN; INSERT INTO our_work (id) VALUES ('6'); INSERT INTO
our_work_portf_img (portf_id, img_id) VALUES ('6', '7'); INSERT
INTO our_work_images (img_id, image) VALUES ('7', 'adawd.jpg');
COMMIT; You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'INSERT INTO our_work (id) VALUES ('6'); INSERT INTO `our_wo'
at line 3
i've tried many things but i noticed one thing if i copy the $query string and i posted the query directly in mysql the problem will not accorded and it works just how i hoped it would.
Does anyone noticed the problem in my query cause im literal out of ideas.
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['submit_new_img'])){
$pjt_dtls = $_POST['project_details'];
$categories = $_POST['categories'];
$link = $_POST['link'];
$image_path = "adawd.jpg";//$_POST['file']; //$_POST['image'];
$row_id ='6';//++$num_rows['i'];
$image_id ='7'; //++$num_rows['ii'];
$sql = "
BEGIN;
INSERT INTO `our_work`
(`id`)
VALUES
('{$row_id}');
INSERT INTO `our_work_portf_img`
(`portf_id`, `img_id`)
VALUES
('{$row_id}', '{$image_id}');
INSERT INTO `our_work_images`
(`img_id`, `image`)
VALUES
('{$image_id}', '{$image_path}');
COMMIT;
";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
$conn->query($sql) does not work with multi-query like yours
you need to use multi_query instead
also here is nice comment:
Please note that there is no need for the semicolon after the last
query. That wasted more than hour of my time...