Error in phpmysql database connectivity - php

<?php
require 'database.inc.php';
$query="SELECT 'food','calorie' FROM 'users' ORDER BY 'id' " ;
if($query_run=mysql_query($query))
{echo '<br> working';}
else {echo '<br>nothing error';
echo mysql_error();} ?>
ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''users'

Replace all your ' with ` (this is the sign below ~ on the keyboard) as:
$query="SELECT `food`,`calorie` FROM `users` ORDER BY `id`";

Delete all single quotes ' in your query:
$query="SELECT food,calorie FROM users ORDER BY id";

No need to use quotes for a table name or field name. Instead, use back quotes (`) if needed.
For normal field names it is not mandatory. If the table contains any field name that is a MySQL key name, it is mandatory.
For example, if a column named "group" exists, without back quotes it will throw an error.
$query="SELECT `food`,`calorie` FROM `users` ORDER BY `id` " ;

Related

PHP: Error on Update statement with subquery

I have a page that updates the data of a specific user. The user has position, which is a foreign key. The query update (below) works fine without the position, but with the position I get the following error.
Query :
$queryUpdate = "UPDATE visitorsystem.employee SET idNumber = '$idNumber', name = '$name',
surname = '$surname',
position = 'SELECT positionid FROM visitorsystem.position WHERE positionName LIKE '%$position%'',
email = '$email'
WHERE employeeid = '$empId'";
$resultUpdate = mysqli_query($connection,$queryUpdate)
or die("Error in query: ". mysqli_error($connection));
Error in query: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to
use near 'SELECT positionid FROM visitorsystem.position WHERE
positionName LIKE '%Informat' at line 3
I have tried to work my way around this by using an inner join, as I have seen in some solutions given here on stack, but nothing has worked. Any suggestions?
Subqueries go within regular parens, not quotes, so in a general sense:
SELECT x FROM y WHERE z IN (SELECT z FROM a)
Single and double quotes (by default) are only for string values.
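The parenthesised subquery from the answer above, with bound placeholders in place of hand-typed quotes, as an added example that is not part of the original posts. It assumes PDO with an in-memory SQLite database and constructed tables and rows so it runs without a server; likeContains() and updatePosition() are hypothetical helper names.

```php
<?php
// Added example. Constructed tables and rows; in-memory SQLite through PDO so it runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE position (positionid INTEGER PRIMARY KEY, positionName TEXT)");
$pdo->exec("CREATE TABLE employee (employeeid INTEGER PRIMARY KEY, name TEXT, position INTEGER)");
$pdo->exec("INSERT INTO position VALUES (1, 'Information Officer'), (2, 'Receptionist')");
$pdo->exec("INSERT INTO employee VALUES (10, 'Thandi', 2)");

// Hypothetical helper: make user text match literally inside LIKE, then add our own wildcards.
// '!' is the escape character named in the ESCAPE clauses below.
function likeContains(string $term): string
{
    return '%' . strtr($term, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
}

// Hypothetical helper: returns the number of rows changed.
function updatePosition(PDO $pdo, int $empId, string $name, string $position): int
{
    // The subquery is wrapped in parentheses, not quotes, and every value is a placeholder.
    // ORDER BY ... LIMIT 1 keeps it scalar when the pattern matches several positions;
    // the EXISTS guard leaves the row untouched instead of writing NULL when nothing matches.
    $sql = "UPDATE employee
               SET name = :name,
                   position = (SELECT positionid FROM position
                                WHERE positionName LIKE :pos ESCAPE '!'
                                ORDER BY positionid LIMIT 1)
             WHERE employeeid = :id
               AND EXISTS (SELECT 1 FROM position
                            WHERE positionName LIKE :pos2 ESCAPE '!')";
    $stmt = $pdo->prepare($sql);
    $pattern = likeContains($position);
    $stmt->execute([':name' => $name, ':pos' => $pattern, ':pos2' => $pattern, ':id' => $empId]);
    return $stmt->rowCount();
}

// Constructed inputs: a partial position name, then text containing a quote and wildcards.
foreach (['Informat', "Recep'%_"] as $input) {
    $changed = updatePosition($pdo, 10, 'Thandi', $input);
    $row = $pdo->query('SELECT position FROM employee WHERE employeeid = 10')->fetch(PDO::FETCH_ASSOC);
    printf("%-10s rows changed: %d, position now: %s\n", $input, $changed, $row['position']);
}
```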

issue Updating table

I have an app that I am trying to use to update a mysql table which has the following layout:
I am trying to get it so that the app sends in the URL the employee name and the in/out column value, and then my PHP script finds the person with the matching name and changes the in/out column value. Here is an example of an entry:
For some reason, when the in/out column should be changing to a 1, it remains at 0.
My Script is as follows:
<?php
// Input the credentials, clocktablet would be the database name
$con=mysqli_connect("localhost","tablet1","*****","clocktablet");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$employeename = mysqli_real_escape_string($con, $_GET['employeename']);
$Clock = mysqli_real_escape_string($con, $_GET['Clock']);
//alters Track Table to display in/out status
$sql = "UPDATE track SET In/Out=$Clock WHERE EmployeeName=$employeename";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
?>
Can anyone see anything wrong with the php script?
The table name is Track and the DB name is clocktablet, and I can confirm that the username and password inputted into the script are correct.
Missing quotes in column values and backtick in column name, for example In/Out.
Better to use a prepared statement!!
//alters Track Table to display in/out status
$smt = $con->prepare("UPDATE `track` SET `In/Out`=? WHERE `EmployeeName`=?");
$smt->bind_param('is',$_GET['Clock'],$_GET['employeename']);
$smt->execute();
To check number of affected rows by update query use
printf("Affected rows (UPDATE): %d\n", $con->affected_rows);
Change
$sql = "UPDATE track SET In/Out=$Clock WHERE EmployeeName=$employeename";
To
$sql = "UPDATE track SET `In/Out`=$Clock WHERE EmployeeName='$employeename'";
^ enclose column name with backtick
Maybe column names with a backslash are allowed while creating a table. But while inserting a value for that column, it needs to be enclosed in backticks; otherwise, it will throw an error stating
1064 - You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'in/out
Backtick
Use single quotes around $employeename and backtick in column name for In/Out
$sql = "UPDATE track SET `In/Out`= $Clock WHERE EmployeeName= '$employeename'";

what is the correct syntax for MySQL alter table query?

When I try to run the following mysqli call
$strSQL3=mysqli_query($connection," alter table mark_list add column 'mark' int(2) " ) or die(mysqli_error($connection));
it returns the error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near `mark int(2)` at line 1
Single quotes (') denote string literals. Object names (such as columns) are not strings - just lose the quotes:
$strSQL3 = mysqli_query($connection ,"alter table mark_list add column mark int(2)" ) or die(mysqli_error($connection));
Try changing 'mark' to mark like this:
$strSQL3=mysqli_query($connection,
" alter table mark_list add column mark int(2) " )
or die(mysqli_error($connection));
You simply need to remove the quotes near 'mark'
$strSQL3=mysqli_query($connection," alter table mark_list add column mark int(2) " ) or die(mysqli_error($connection));

Mysql query with a column name having '%' sign in it not executing in PHP

I have a Mysql query as follows
$query = "UPDATE student_database SET fname='$fname',mname='$mname',lname='$lname',dob='$dob',Age='$age',Sex='$sex',Caste='$caste',dept='$dept', SSC%=$ssc , HSC%=$hsc, ATKTs=$atkt, Last_sem%=$lastsem, Aggregate%=$agg WHERE student_id=$id ; ";
Some column names have a '%' sign in them. Mysql throws the following error when I execute it
Cannot execute.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%=79.6 , HSC%=81.83, ATKTs=5, Last_sem%=52.35, Aggregate%=53.6 WHERE student_id=' at line 1
Can't figure out the problem. I have tried "\", "#", "%%" as escape characters but can't figure it out.
Wrap it in backticks to tell SQL that it's a column, does this work?
$query = "UPDATE student_database SET fname='$fname',mname='$mname',lname='$lname',dob='$dob',Age='$age',Sex='$sex',Caste='$caste',dept='$dept', `SSC%`=$ssc , `HSC%`=$hsc, ATKTs=$atkt, `Last_sem%`=$lastsem, `Aggregate%`=$agg WHERE student_id=$id ; ";
Try wrapping the column names in backticks, e.g.
`SSC%`=$ssc

MySQL (and/or) PHP Problem

So I have this,
<?php
require "database.php";
$to=$_GET['toF'];
$content=$_POST['message_contentl'];
$from=$_GET['fromF'];
$ck_reciever = "SELECT Username FROM accounts WHERE username = '".$to."'";
if( mysql_num_rows( mysql_query( $ck_reciever ) ) == 0 ){
die("The user you are trying to contact don't exist. Please go back and try again.<br>
<form name=\"back\" action=\"Send_FR.php\" method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}else{
$a1 = $_POST['message_contentl'];
$a2 = $_GET['fromF'];
$a3 = $_GET['toF'];
mysql_query("INSERT INTO Friends (fr_message, From, To) VALUES ('$a1', '$a2', '$a3')") OR die("Could not send the message: <br>".mysql_error());
echo "The Friend Request Was Successfully Sent!";
}
?>
But it doesn't work.
All it does is give me this error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'From, To) VALUES ('', 'Extro', 'Syncro')' at line 1
Help, please?
from and to are reserved words in SQL. In MySQL you can use reserved words as column or table names by wrapping them in backticks, but I'd strongly advise against the use of reserved words as column names; it's horribly confusing. Small example ex absurdo:
select `select`, `from` from `where` where `like` like 'like';
Yeah, the engine eats it, but you'll admit it could be more readable :-)
FROM is a reserved SQL keyword - if you have a column or a table with that name, you will have to back-quote (`) it.
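The backtick advice in the threads above (In/Out, SSC%, From and To) covers identifiers only; values still belong in placeholders, and a placeholder cannot stand in for a column name. The following is an added example, not code from the original posts: it assumes PDO with an in-memory SQLite database (which accepts MySQL-style backticks) and a constructed table, and quoteIdent(), insertRow() and the allow-list are hypothetical.

```php
<?php
// Added example. Constructed table; in-memory SQLite through PDO so it runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE `Friends` (`fr_message` TEXT, `From` TEXT, `To` TEXT, `In/Out` INTEGER, `SSC%` REAL)");

// Hypothetical helper: quote an identifier MySQL-style by wrapping it in backticks
// and doubling any backtick it contains.
function quoteIdent(string $name): string
{
    if ($name === '' || strpos($name, "\0") !== false) {
        throw new InvalidArgumentException('invalid identifier');
    }
    return '`' . str_replace('`', '``', $name) . '`';
}

// Hypothetical helper: column names are checked against a per-table allow-list and
// only then quoted; values never enter the SQL text, they are bound to placeholders.
function insertRow(PDO $pdo, string $table, array $allowed, array $row): int
{
    if ($row === []) {
        throw new InvalidArgumentException('no columns given');
    }
    $unknown = array_diff(array_keys($row), $allowed);
    if ($unknown !== []) {
        throw new InvalidArgumentException('column not allowed: ' . implode(', ', $unknown));
    }
    $cols = implode(', ', array_map('quoteIdent', array_keys($row)));
    $marks = implode(', ', array_fill(0, count($row), '?'));
    $stmt = $pdo->prepare('INSERT INTO ' . quoteIdent($table) . " ($cols) VALUES ($marks)");
    $stmt->execute(array_values($row));
    return $stmt->rowCount();
}

$allowed = ['fr_message', 'From', 'To', 'In/Out', 'SSC%'];
// Constructed row: reserved words and special characters in column names, a quote in a value.
insertRow($pdo, 'Friends', $allowed,
    ['fr_message' => "it's me", 'From' => 'Extro', 'To' => 'Syncro', 'In/Out' => 1, 'SSC%' => 79.6]);
print_r($pdo->query('SELECT * FROM `Friends`')->fetchAll(PDO::FETCH_ASSOC));

try {
    // Constructed column name that is not on the allow-list.
    insertRow($pdo, 'Friends', $allowed, ['role' => 'x']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```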
