This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 6 years ago.
I get the following error:
Fatal error: Uncaught exception 'PDOException' with message
'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near 'High_Priority =
'NO', Private_Locate = 'NO', Ticket_Revision_Number = '1' ' at line 8'
in /home3/cmschu/public_html/pl/811/edit_ticket_submit.php:102 Stack
trace: #0
/home3/cmschu/public_html/pl/811/edit_ticket_submit.php(102):
PDOStatement->execute() #1 {main} thrown in
/home3/cmschu/public_html/pl/811/edit_ticket_submit.php on line 102
when running the following PDO statement:
// configuration
include('811_common.php');
date_default_timezone_set('America/Los_Angeles');
// new data
$Member_Code = $_POST['Member_Code'];
$State = $_POST['State'];
$Ticket_Number = $_POST['Ticket_Number'];
$Start_Date = $_POST['Start_Date'];
$Arrive = $_POST['Arrive'];
$Depart = $_POST['Depart'];
$COB01_WATER = $_POST['COB01_WATER'];
$COB01_SEWER = $_POST['COB01_SEWER'];
$COB01_STORM = $_POST['COB01_STORM'];
$COB01_LIGHTS = $_POST['COB01_LIGHTS'];
$COB01_HOURLY = $_POST['COB01_HOURLY'];
$COB01_SV = $_POST['COB01_SV'];
$COB01_ONCALL = $_POST['COB01_ONCALL'];
$NEWB01_POTABLE_WATER = $_POST['NEWB01_POTABLE_WATER'];
$NEWB01_REUSE_WATER = $_POST['NEWB01_REUSE_WATER'];
$NEWB01_DATA_COM = $_POST['NEWB01_DATA_COM'];
$NEWB01_SL = $_POST['NEWB01_SL'];
$Locate_Code = $_POST['Locate_Code'];
$Ticket_Status = $_POST['Ticket_Status'];
$Int_Note = $_POST['Int_Note'];
$Bill_Status = $_POST['Bill_Status'];
$High_Priority = $_POST['High_Priority'];
$Private_Locate = $_POST['Private_Locate'];
$Ticket_Revision_Number = $_POST['Ticket_Revision_Number'];
$db_ID = $_POST['db_ID'];
// query
$sql="UPDATE billing
SET Member_Code = :Member_Code, State = :State, Ticket_Number = :Ticket_Number, Start_Date = :Start_Date, Arrive = :Arrive, Depart = :Depart,
COB01_WATER = :COB01_WATER, COB01_STORM = :COB01_STORM, COB01_SEWER = :COB01_SEWER, COB01_LIGHTS = :COB01_LIGHTS, COB01_HOURLY = :COB01_HOURLY, COB01_SV = :COB01_SV, COB01_ONCALL = :COB01_ONCALL,
NEWB01_POTABLE_WATER = :NEWB01_POTABLE_WATER, NEWB01_REUSE_WATER = :NEWB01_REUSE_WATER, NEWB01_DATA_COM = :NEWB01_DATA_COM, NEWB01_SL = :NEWB01_SL,
Locate_Code = :Locate_Code, Ticket_Status = :Ticket_Status, Int_Note = :Int_Note, Bill_Status = :Bill_Status, High_Priority = :High_Priority, Private_Locate = :Private_Locate, Ticket_Revision_Number = :Ticket_Revision_Number
WHERE db_ID LIKE :db_ID ";
$q = $db1->prepare($sql);
$q->bindValue(':Member_Code', $Member_Code, PDO::PARAM_STR);
$q->bindValue(':State', $State, PDO::PARAM_STR);
$q->bindValue(':Ticket_Number', $Ticket_Number, PDO::PARAM_STR);
$q->bindValue(':Start_Date', $Start_Date, PDO::PARAM_STR);
$q->bindValue(':Arrive', $Arrive, PDO::PARAM_STR);
$q->bindValue(':Depart', $Depart, PDO::PARAM_STR);
$q->bindValue(':COB01_WATER', $COB01_WATER, PDO::PARAM_STR);
$q->bindValue(':COB01_SEWER', $COB01_SEWER, PDO::PARAM_STR);
$q->bindValue(':COB01_STORM', $COB01_STORM, PDO::PARAM_STR);
$q->bindValue(':COB01_LIGHTS', $COB01_LIGHTS, PDO::PARAM_STR);
$q->bindValue(':COB01_HOURLY', $COB01_HOURLY, PDO::PARAM_STR);
$q->bindValue(':COB01_SV', $COB01_SV, PDO::PARAM_STR);
$q->bindValue(':COB01_ONCALL', $COB01_ONCALL, PDO::PARAM_STR);
$q->bindValue(':NEWB01_POTABLE_WATER', $NEWB01_POTABLE_WATER, PDO::PARAM_STR);
$q->bindValue(':NEWB01_REUSE_WATER', $NEWB01_REUSE_WATER, PDO::PARAM_STR);
$q->bindValue(':NEWB01_DATA_COM', $NEWB01_DATA_COM, PDO::PARAM_STR);
$q->bindValue(':NEWB01_SL', $NEWB01_SL, PDO::PARAM_STR);
$q->bindValue(':Locate_Code', $Locate_Code, PDO::PARAM_STR);
$q->bindValue(':Ticket_Status', $Ticket_Status, PDO::PARAM_STR);
$q->bindValue(':Int_Note', $Int_Note, PDO::PARAM_STR);
$q->bindValue(':Bill_Status', $Bill_Status, PDO::PARAM_STR);
$q->bindValue(':High_Priority', $High_Priority, PDO::PARAM_STR);
$q->bindValue(':Private_Locate', $Private_Locate, PDO::PARAM_STR);
$q->bindValue(':Ticket_Revision_Number', $Ticket_Revision_Number, PDO::PARAM_STR);
$q->bindValue(':db_ID', $db_ID, PDO::PARAM_INT);
$q->execute();
?></span>
HIGH_PRIORITY is a MySQL Reserved Word.
https://dev.mysql.com/doc/refman/5.7/en/keywords.html
If you want to use that as an identifier (e.g. the name of a column), references to the identifier must be properly escaped. The normal MySQL pattern is to enclose the identifier in backtick character. For example:
, Bill_Status = :Bill_Status
, `High_Priority` = :High_Priority
, Private_Locate = :Private_Locate
Related
I need to save some values of a JSON into my database SQL.
Database - Table "confrontations"
This is my PHP code
require_once("database.php");
$apiURL = 'https://nico.planethoster.world/api-foot/confrontations/lire.php?annee=2020&semaine=29';
$response = file_get_contents($apiURL);
$jsonResponse = json_decode($response, true);
$items = $jsonResponse['match'];
foreach ($items as $item ) {
$query = "INSERT INTO `confrontations`(`id_match`, `id_equipe1`, `id_equipe2`, `cote1`, `coteN`, `cote2`, `date`, `heure`, `semaine`)
VALUES (:id_match, :id_equipe1, :id_equipe2, :cote1, :coteN, :cote2, :date, :heure, :semaine) ";
$check = $pdo->prepare($query);
$date = $item["date"];
$heure = $item["heure"];
$check->bindParam(':id_match', $item["id_match"], PDO::PARAM_INT);
$check->bindParam(':id_equipe1', $item["id_equipe1"], PDO::PARAM_INT);
$check->bindParam(':id_equipe2', $item["id_equipe2"], PDO::PARAM_INT);
$check->bindParam(':cote1', $item["cote1"], PDO::PARAM_STR);
$check->bindParam(':coteN', $item["coteN"], PDO::PARAM_STR);
$check->bindParam(':cote2', $item["cote2"], PDO::PARAM_STR);
$check->bindValue(':date', $date, PDO::PARAM_STR);
$check->bindValue(':heure', $heure, PDO::PARAM_STR);
$check->bindParam(':semaine', $item["semaine"], PDO::PARAM_INT);
$check->execute();
and that s my error
You are trying to save a row where the primary key (id_match) already exists. So multiple confrontations use the same id_match.
Maybe you already ran this code once. If you run it the second time you have to implement some update routine instead of an insert. E.g. UPDATE confrontations SET x = y WHERE id_match = z;
I'm trying to make my CMS be able to edit different fields (e.g. name). When I hit "Update", though, I get the following error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens' in /studenthome.hallam.shu.ac.uk/STUDENTHOME10/1/b5035381/public_html/affinity/cms/process/editRecord.php: in /studenthome.hallam.shu.ac.uk/STUDENTHOME10/1/b5035381/public_html/affinity/cms/process/editRecord.php on line 28 PDOException: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in /studenthome.hallam.shu.ac.uk/STUDENTHOME10/1/b5035381/public_html/affinity/cms/process/editRecord.php on line 28 Call Stack: 0.0029 659144 1. {main}() /studenthome.hallam.shu.ac.uk/STUDENTHOME10/1/b5035381/public_html/affinity/cms/process/editRecord.php:0 0.0135 672928 2. PDOStatement->execute() /studenthome.hallam.shu.ac.uk/STUDENTHOME10/1/b5035381/public_html/affinity/cms/process/editRecord.php:28
Here is my code:
<?php
ini_set('display_errors', 1);
// add your includes for connections and functions
// make sure the path is correct
require ('../../includes/conn.inc.php');
require ('../../includes/functions.inc.php');
// sanitize user variables
$splayerName = safeString($_POST['playerName']);
$splayerDescription = safeString($_POST['playerDescription']);
$splayerImage = safeString($_POST['playerImage']);
$splayerRank = safeString($_POST['playerRank']);
$splayerSpec = safeString($_POST['playerSpec']);
$splayerID = safeInt($_POST['playerID']);
// build prepare statement
$sql = "UPDATE affinity SET playerName = :playerName,
playerDescription = :playerDescription,
playerImage = :playerImage,
playerRank = :playerRank,
playerSpec = :playerSpec
WHERE playerID = :playerID";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':playerName', $splayerName, PDO::PARAM_STR);
$stmt->bindParam(':playerDescription', $splayerDescription, PDO::PARAM_STR);
$stmt->bindParam(':playerImage', $splayerImage, PDO::PARAM_STR);
$stmt->bindParam(':playerRank', $splayerRank, PDO::PARAM_STR);
$stmt->bindParam(':playerRank', $splayerRank, PDO::PARAM_STR);
$stmt->bindParam(':playerSpec', $splayerSpec, PDO::PARAM_INT);
$stmt->execute();
// redirect browser
header("Location: ../cms.php");
// make sure no other code executed
exit;
?>
I'm not sure why this isn't working; how can I fix it?
:playerRank
has been bound 2 times and
:playerID
Haven't been bound.
And :
:playerSpec
Should be bound as a string, not an int.
$stmt->bindParam(':playerName', $splayerName, PDO::PARAM_STR);
$stmt->bindParam(':playerDescription', $splayerDescription, PDO::PARAM_STR);
$stmt->bindParam(':playerImage', $splayerImage, PDO::PARAM_STR);
$stmt->bindParam(':playerRank', $splayerRank, PDO::PARAM_STR);
$stmt->bindParam(':playerSpec', $splayerSpec, PDO::PARAM_STR);
$stmt->bindParam(':playerID', $splayerID, PDO::PARAM_INT);
Where's your bind for playerID? That's whats causing it. You'e binding Rank twice and ID never, and they should be in order correct?
$stmt->bindParam(':playerName', $splayerName, PDO::PARAM_STR);
$stmt->bindParam(':playerDescription', $splayerDescription, PDO::PARAM_STR);
$stmt->bindParam(':playerImage', $splayerImage, PDO::PARAM_STR);
$stmt->bindParam(':playerRank', $splayerRank, PDO::PARAM_STR);
$stmt->bindParam(':playerSpec', $splayerSpec, PDO::PARAM_INT);
$stmt->bindParam(':playerID', $splayerID, PDO::PARAM_STR);
<?php
ini_set('display_errors', 1);
// add your includes for connections and functions
// make sure the path is correct
require ('../../includes/conn.inc.php');
require ('../../includes/functions.inc.php');
// sanitize user variables
$splayerName = safeString($_POST['playerName']);
$splayerDescription = safeString($_POST['playerDescription']);
$splayerImage = safeString($_POST['playerImage']);
$splayerRank = safeString($_POST['playerRank']);
$splayerSpec = safeString($_POST['playerSpec']);
$splayerID = safeInt($_POST['playerID']);
// build prepare statement
$sql = "UPDATE affinity SET playerName = :playerName,
playerDescription = :playerDescription,
playerImage = :playerImage,
playerRank = :playerRank,
playerSpec = :playerSpec
WHERE playerID = :playerID";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':playerName', $splayerName, PDO::PARAM_STR);
$stmt->bindParam(':playerDescription', $splayerDescription, PDO::PARAM_STR);
$stmt->bindParam(':playerImage', $splayerImage, PDO::PARAM_STR);
$stmt->bindParam(':playerRank', $splayerRank, PDO::PARAM_STR);
$stmt->bindParam(':playerSpec', $splayerSpec, PDO::PARAM_STR);
$stmt->bindParam(':playerID', $splayerID, PDO::PARAM_INT);
$stmt->execute();
// redirect browser
header("Location: ../cms.php");
// make sure no other code executed
exit;
?>
I am trying to get the return value from the SqlServer stored procedure. But it is giving syntax error in my Ubuntu Server which uses FreeTDS.
SQLSTATE[HY000]: General error: 20018 Incorrect syntax near '0'.
[20018] (severity 15) [(null)]
Below is my code:
$stateId = 1;
$testData = 0;
$retVal = 0;
$pdo = DB::connection(env('DBCONNECTION'))->getPdo();
$stmt = $pdo->prepare('EXEC ? = GetMyCities_sp #StateID = ?, #TestData = ?');
$stmt->bindParam(1, $retVal, \PDO::PARAM_INT,20);
$stmt->bindParam(2, $stateId, \PDO::PARAM_INT);
$stmt->bindParam(3, $testData, \PDO::PARAM_INT | \PDO::PARAM_INPUT_OUTPUT, 20);
$result_status = $stmt->execute();
$resultSet = $stmt->fetchAll(\PDO::FETCH_OBJ);
print_r($resultSet);
echo "<br />";
$stmt->nextRowset();
echo "Return value is ".$retVal;
The same works fine in my windows machine. Any idea what is wrong in the code?
IIRC, bound parameters need to be parameters, not procedure names. Can you give this a test, replacing the first ? with the stored procedure name?
$stmt = $pdo->prepare('EXEC your-proc-name = GetMyCities_sp #StateID = ?, #TestData = ?');
$stmt->bindParam(1, $stateId, \PDO::PARAM_INT);
$stmt->bindParam(2, $testData, \PDO::PARAM_INT | \PDO::PARAM_INPUT_OUTPUT, 20);
It has been a long time since I've played with PHP, but you might be able to do this if the first test works:
$stmt = $pdo->prepare('EXEC $retVal = GetMyCities_sp #StateID = ?, #TestData = ?');
So I have a rather big form that is used to update the database. I am having trouble now with this block of code that inserts data from a form. Previously it was working but I changed the form to show "open" transactions so a user knows which transaction number to close. Now I get syntax/access violations. Rtransid is the key, if anyone was wondering. Thanks for any help.
//If there are any errors, display the form again. Otherwise, insert the data
if(!count($errors)){
$sql = "UPDATE repairorder SET
date = :date,
tech = :tech,
dispatcher = :dispatcher,
booth = :booth,
worktype = :worktype,
descript = :descript,
comment = :comment,
fstop = :fstop,
devtemp = :devtemp,
counter = :counter,
numstrips = :numstrips,
fserial = :fserial,
status = :status,
odate = :odate,
cdate = :cdate,
WHERE rtransid = :rtransid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':rtransid', $_POST['rtransid'], PDO::PARAM_STR);
$stmt->bindParam(':date', $_POST['date'], PDO::PARAM_STR);
$stmt->bindParam(':tech', $_POST['tech'], PDO::PARAM_STR);
$stmt->bindParam(':dispatcher', $_POST['dispatcher'], PDO::PARAM_STR);
$stmt->bindParam(':booth', $_POST['booth'], PDO::PARAM_STR);
$stmt->bindParam(':worktype', $_POST['worktype'], PDO::PARAM_INT);
$stmt->bindParam(':descript', $_POST['descript'], PDO::PARAM_STR);
$stmt->bindParam(':comment', $_POST['$comment'], PDO::PARAM_STR);
$stmt->bindParam(':fstop', $_POST['fstop'], PDO::PARAM_STR);
$stmt->bindParam(':devtemp', $_POST['devtemp'], PDO::PARAM_STR);
$stmt->bindParam(':counter', $_POST['counter'], PDO::PARAM_STR);
$stmt->bindParam(':numstrips', $_POST['numstrips'], PDO::PARAM_STR);
$stmt->bindParam(':fserial', $_POST['fserial'], PDO::PARAM_STR);
$stmt->bindParam(':status', $_POST['status'], PDO::PARAM_STR);
$stmt->bindParam(':odate', $_POST['odate'], PDO::PARAM_STR);
$stmt->bindParam(':cdate', $_POST['cdate'], PDO::PARAM_INT);
//var_dump($stmt); //used for error control in dummy server
$stmt->execute();
}
If the error message looks like this You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE rtransid = ...' at line 1, you should update your query like so.
$sql = "UPDATE repairorder SET
date = :date,
tech = :tech,
dispatcher = :dispatcher,
booth = :booth,
worktype = :worktype,
descript = :descript,
comment = :comment,
fstop = :fstop,
devtemp = :devtemp,
counter = :counter,
numstrips = :numstrips,
fserial = :fserial,
status = :status,
odate = :odate,
cdate = :cdate
WHERE rtransid = :rtransid";
You probably miss the comma after :cdate
Sirs! I have a php script that handles multiple row update with PDO.
I want to add a checkbox that updates my database specific column by timestamp 30days from now if ticked.
The problem is ofc, when it is not ticked, there would be no value sent to its key, so I would end up with: It returns this error
Uncaught exception 'PDOException' with message SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use...
So I'm asking for help if there's turn around for this, here is my PHP code:
if (isset($_POST['submit'])) {
$stmt = $db->prepare("UPDATE `$tbl_name` SET `ssl`=:ssl, `exp`=:exp, `country`=:country, WHERE id=:id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->bindParam(':ssl', $ssl, PDO::PARAM_STR);
$stmt->bindParam(':exp', $exp, PDO::PARAM_STR);
$stmt->bindParam(':country', $country, PDO::PARAM_STR);
foreach ($_POST['ssl'] as $id => $ssl) {
if(isset($_POST['thirtydays'][$id])){
$exp = $_POST['thirtydays'][$id];
}
$country = $_POST['country'][$id];
$stmt->execute();
}
echo '<h1>Updated the records.</h1>';
}
exp is the timestamp column. Here is the checkbox as HTML:
<input type="checkbox" name="thirtydays[80]" value="2014-02-04 04:04:53">
<input type="text" name="country[80]" value="DE" />
<input type="text" name="ssl[80]" value="false"/>
Note the structure: thirtydays[$id], the timestamp in value is generated by date( "Y-m-d H:i:s",strtotime("+30 days"))
Hope somebody can help me. Thanks in advance and more power.
$exp=''; $country=''; $ssl='';
if (isset($_POST['submit'])) {
$stmt = $db->prepare("UPDATE `$tbl_name` SET `ssl`=:ssl, `exp`=:exp, `country`=:country WHERE id=:id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->bindParam(':ssl', $ssl, PDO::PARAM_STR);
$stmt->bindParam(':exp', $exp, PDO::PARAM_STR);
$stmt->bindParam(':country', $country, PDO::PARAM_STR);
foreach ($_POST['ssl'] as $id => $ssl) {
if(isset($_POST['thirtydays'][$id])){ $exp = $_POST['thirtydays'][$id]; }
$country = $_POST['country'][$id];
$stmt->execute();
}
echo '<h1>Updated the records.</h1>';
Query is executed only when checkbox is checked since if (isset($_POST['thirtydays'][$id]))
Also you set the $exp variable after you bind it to statement.
Same goes to $country variable
if (isset($_POST['submit'])) {
$stmt = $db->prepare("UPDATE `$tbl_name` SET `ssl`=:ssl, `exp`=:exp, `country`=:country WHERE id=:id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->bindParam(':ssl', $ssl, PDO::PARAM_STR);
foreach ($_POST['ssl'] as $id => $ssl) {
if(isset($_POST['thirtydays'][$id])){
$exp = $_POST['thirtydays'][$id];
} else {
$exp = '';
}
$country = $_POST['country'][$id];
$stmt->bindParam(':exp', $exp, PDO::PARAM_STR);
$stmt->bindParam(':country', $country, PDO::PARAM_STR);
$stmt->execute();
}
echo '<h1>Updated the records.</h1>'; }
You have comma just before WHERE in your statement. This may be the problem.
To all who wonders (probably) what's actually wrong with the OP's code: inside the UPDATE `$tbl_name` SET `ssl`=:ssl, `exp`=:exp, `country`=:country, WHERE id=:id, the comma before WHERE is a syntax error. That's all.