This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 7 years ago.
I'm working on a little browser game, but when I have a condition in connection to MySQLi database, it doesn't work.
In else closure it should write $name, but it doesn't.
if ($conn->connect_error){
die("Connection failed: ".$conn->connect_error);
}
else{
//IF CONNECTION IS GOOD, GET DATA FROM DATABASE
$query = "SELECT name, separator, description, maintenance FROM configuration";
$result = mysqli_query($conn, $query);
$row = mysqli_fetch_assoc($result);
$name = $row['name'];
//this ↓↓↓
echo $name;
}
Use back ticks (``) when using reserved words.
From,
$query = "SELECT name, separator, description, maintenance FROM configuration";
To,
$query = "SELECT name, `separator`, description, maintenance FROM configuration";
Try with backticks:
$query = "SELECT name, `separator`, description, maintenance FROM configuration";
Related
This question already has answers here:
How to include a PHP variable inside a MySQL statement
(5 answers)
Closed 3 years ago.
I'm making a quiz and once the calculation of the grade is finished, I want to add that data to test_attempt table.
Here's its structure.
Here's the code of the query:
<?php
$connection = mysqli_connect("localhost", "root", "", "vartvald");
if ($connection->connect_error) {
die("Connection failed:" . $connection->connect_error);
}
$user=$_SESSION['user'];
$userid=$_SESSION['userid'];
$sql = "INSERT INTO test_attempts (date, id, mark, top_mark, fk_user, fk_test) VALUES
('',null,'$grade','$top_grade','$userid','$fk');";
var_dump($sql);
$connection->close();
?>
What am I doing wrong?
You have few mistakes. Your main problem is that you never prepared any query and never executed it. To do it you need to use prepare(), bind_param(), and execute(). Also you are not opening the mysqli connection correctly and your error checking will never work (Please read: Should we ever check for mysqli_connect() errors manually?)
After fixing your errors your code would look something like this:
<?php
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$connection = new mysqli("localhost", "root", "", "vartvald");
$connection->set_charset('utf8mb4');
$user = $_SESSION['user'];
$userid = $_SESSION['userid'];
$stmt = $connection->prepare('INSERT INTO test_attempts (date, id, mark, top_mark, fk_user, fk_test) VALUES(NULL,NULL,?,?,?,?)');
$stmt->bind_param('ssss', $grade, $top_grade, $userid, $fk);
$stmt->execute();
I have not validated whether your SQL is correct in itself, but if you have error reporting switched on, PHP should tell you if you have a mistake.
Your code will never add data in the database because you aren't calling any funciton that insert data:
$sql = "INSERT INTO test_attempts (date, id, mark, top_mark, fk_user, fk_test) VALUES
('',null,'$grade','$top_grade','$userid','$fk');";
var_dump($sql);
// missed code to insert data in the database
$connection->close(); // here you close the connection
Before closing the connection, call mysqli_query:
mysqli_query($connection,"$sql");
Try this:
$sql = "INSERT INTO test_attempts (date, id, mark, top_mark, fk_user, fk_test) VALUES
(CURRENT_TIMESTAMP,null,'$grade','$top_grade','$userid','$fk');";
Try the following, here you can see that the CURRENT_TIMESTAMP is passed as first params for data and also below the $sql you can see the mysqli_query which is useed here to execute the insert query.
$sql = "INSERT INTO test_attempts (date, id, mark, top_mark, fk_user, fk_test) VALUES
(CURRENT_TIMESTAMP,null,'$grade','$top_grade','$userid','$fk');";
mysqli_query($connection, $sql);
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(2 answers)
Closed 5 years ago.
I´m new in php programming and so i tried to connect my php file with an sql database. It´s working till i come to the point were i want to use a query and execute them. Can someone please help me why i always get "Error querying database"?
$query = "INSERT INTO user (surname, name, e-mail, password) VALUES ('$text', '$text2', '$text3', '$text4')";
$query2 = "CREATE TABLE $text3 (
name VARCHAR(30) PRIMARY KEY,
password VARCHAR(30))";
//make the query
$result = mysqli_query($db, $query) or die('Error querying database.');
$result2 = mysqli_query($db, $query2) or die('Error querying database1.');
I am defenitely connected with the database before.
My second question is the right use of the Create Table statement. I want to create a table which is named like the users E-mail address. Is this the right usage?
CREATE TABLE $text3 (
name VARCHAR(30) PRIMARY KEY,
password VARCHAR(30))";
I especially want to know if i need to set ' before the $text3 or not.
I solved this Problem with the help of #FunkFortyNiner the problem is the - between the e-mail. I neededt to remove it.
Now the code looks like this:
$query = "INSERT INTO user (surname, name, email, password) VALUES ('$text', '$text2', '$text3', '$text4')";
$query2 = "CREATE TABLE $text3 (
name VARCHAR(30) PRIMARY KEY,
password VARCHAR(30))";
//make the query
$result = mysqli_query($db, $query) or die('Error querying database.');
$result2 = mysqli_query($db, $query2) or die('Error querying database1.');
Use
die('Error querying database.' . mysqli_error($db) );
To know about the exact error.
More specifically use e_mail or email instead of e-mail as the column name in your db schema.
This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Closed 6 years ago.
i try this code to import a CSV file into my database but i got this error : Warning: mysqli::query(): Empty query
$db = new mysqli('localhost','root','', 'BD_Conference');
$sql=mysql_query("INSERT INTO tbl_conference (pid, name, chairs,keynote, abstract, speaker, affiliation, ville, pays, salle, date, time, session, image_url) VALUES ('','$champs1','$champs2','$champs3','$champs4','$champs5','$champs6','$champs7','$champs8','$champs9','$champs10','$champs11','$champs12','$champs13')");
$result = $db-> query($sql) ;
check proper mysqli connection code should be
$db= mysqli_connect('localhost','root','', 'BD_Conference');
$sql=("INSERT INTO tbl_conference (pid, name, chairs,keynote, abstract, speaker, affiliation, ville, pays, salle, date, time, session, image_url) VALUES ('','$champs1','$champs2','$champs3','$champs4','$champs5','$champs6','$champs7','$champs8','$champs9','$champs10','$champs11','$champs12','$champs13')");
$result = mysqli_query($db,$sql) ;
please use mysqli_query instead of mysql_query. So the connection is opened using mysqli.
$db = new mysqli('localhost','root','', 'BD_Conference');
if ($db->connect_errno) {
echo "Errno: " . $mysqli->connect_errno . "\n";
}
$sql="INSERT INTO tbl_conference (pid, name, chairs,keynote, abstract, speaker, affiliation, ville, pays, salle, date, time, session, image_url) VALUES ('','$champs1','$champs2','$champs3','$champs4','$champs5','$champs6','$champs7','$champs8','$champs9','$champs10','$champs11','$champs12','$champs13')";
$result = $db->query($sql) ;
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 7 years ago.
I have no idea why this is not returning anything. I'll show the code and talk through the steps I've taken.
if (isset($_GET['observation'])) {
require_once("../func/connect.php");
$query = "SELECT * FROM observations WHERE option = ?";
$stmt = $db->prepare($query);
$stmt->bindValue(1, $_GET['observation']);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
echo $row['question'];
} else {
echo 'nope';
}
$row dumps a false boolean, $row['question'] is null.
I've wrote about a million queries and don't have a clue why this doesn't work.
Database table observations consists of id, question & option and the bindValue is correct to match a string in the database.
However, it returns null.
option is a reserved word in mysql so you need to quote it with backticks:
$query = "SELECT * FROM observations WHERE `option` = ?";
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
I am trying to insert data into a database through php.. Easy enough (I thought). I can't figure out what I am doing wrong. Here is my code:
$DB_HostName = "localhost:8888";
$DB_Name = "Sample";
$DB_User = "root";
$DB_Pass = "root";
$DB_Table = "Check";
$con = mysql_connect($DB_HostName,$DB_User,$DB_Pass) or die(mysql_error());
mysql_select_db($DB_Name,$con) or die(mysql_error());
$sql = "INSERT INTO $DB_Table (name) VALUES ('Sally') ";
mysql_query($sql) or die ("Error with Result");
mysql_close($con);
It gives me an error saying "Error with Result". This means that it must be connecting to the database correctly and everything is working right except for the end part.. What am I missing? If I say (msql_error()) it also does tell me to check the $sql. I can't figure out though what I am typing in wrong.
escape your database name with backtick
$sql = "INSERT INTO `$DB_Table` (name) VALUES ('Sally') ";
or
$sql = "INSERT INTO `" . $DB_Table . "` (name) VALUES ('Sally') ";
CHECK is a MySQL Reserved Keyword.
MySQL Reserved Keyword List
How can I prevent SQL injection in PHP?
I can't stress this enough, don't use mysql_ functions, that time has gone. Use either mysqli or PDO.
A simple way to check what is wrong with your SQL query is to add an error flag on the end of your die statement mysql_query($sql) or die ("Error with Result<br>".mysql_error());
It appears in your case that check is a constraint used to limit the value range that can be placed in a column. You would need to identify that it is a table using "`":
$sql = "INSERT INTO `$DB_Table` (name) VALUES ('Sally') ";