This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
I'm getting a syntax error with this block of code, and I have no idea why. Here is the specific error itself:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'match ORDER BY id DESC' at line 1
Here is the PHP code block:
$sql = "SELECT * FROM match ORDER BY id DESC";
$res = mysqli_query($dbCon, $sql);
MATCH is a reserved keyword in mysql: https://dev.mysql.com/doc/refman/5.0/en/keywords.html
To make your code working change your query to:
$sql = "SELECT * FROM `match` ORDER BY id DESC";
Related
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 7 years ago.
I have an application which takes the information of a mysql database(a music-db) and shows it via echos in a div. Everything works fine.
Now I wanted to add a search bar so you can search the database for a specific song.
The search bar just loads a php file with a mysql query. The word or the letters you want to search for are passed via a varbiable in the link(for example test.php?searchvalue=it).
Now my problem: I get the following Mysql-error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
The quotes in the error are single quotes!
The Query is:
$searchvalue = $_GET["searchvalue"];
$query = mysql_query("select SongID, Songtitel, artwork, duration, SCID from tMusic where Songtitel LIKE '%$searchvalue%'") or die(mysql_error());
Why is this wrong?
Thanks for help.
$searchvalue = $_GET["searchvalue"];
$query = mysql_query("select SongID, Songtitel, artwork, duration, SCID from tMusic where Songtitel LIKE '%".mysql_real_escape_string($searchvalue)."%'") or die(mysql_error());
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
i am writing this command
$result = mysql_query("SELECT * FROM register where name= ‘lakhan’ ") or die(mysql_error());
and when running the php file it shows:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '‘lakhan’'
I am using MySql Server 5.5 AND INSTEAD OF = sign i have used LIKE also in query then too error is coming.Please help me to resolve it
Use single quotes arround the value:
$result = mysql_query("SELECT * FROM register where name= 'lakhan' ") or die(mysql_error());
Do not longer use the deprecated mysql_* API. Use mysqli_* or PDOwith prepared statements.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 8 years ago.
I have mySQL tables namely q1 , q2 , q3 and so on....
now the following code is in loop with $n increasing with every step of loop.
$table = "q".$n;
$query="SELECT MAX(QNO) AS max2 FROM '$table'";
$q=mysqli_query($db,$query) or die("Error: ".mysqli_error($db));
$max2 = mysqli_fetch_array($q);
This gives me an error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"q1"' at line 1
How to solve this problem and putting new name of table everytime in the query?
$query="SELECT MAX(QNO) AS max2 FROM $table"; is enough
Please change
'$table'
into
`$table`
in the query:
"SELECT MAX(QNO) AS max2 FROM '$table'";
so it looks like:
"SELECT MAX(QNO) AS max2 FROM `$table`";
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 8 years ago.
I can not find out why this is not working.....
i keep getting this message
Query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''laketaho_benny'.'tblPictures' SET 'caption' = 'uuuuuuuuuupppp' WHERE 'tblPic' at line 1
and this is my code
$sql = "UPDATE `laketaho_benny`.`tblPictures` SET `caption` = `$caption` WHERE `tblPictures`.`pictureID` =$pictureID;";
Single quotes are for strings. You're thinking of backquotes ( ` ).
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 9 years ago.
I have a MySQL query I'm running. I want to add 1 to a field called articleswritten.
I get this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' SET articleswritten = articleswritten + 1 WHERE id = '1'' at line 1
Code:
$sql = "UPDATE 'users' SET articleswritten = articleswritten + 1 WHERE `id` = '$userid'";
$result = mysql_query($sql) or die(mysql_error());
I can't find an issue. Am I blind?
Any help would be appreciated.
This should either be
UPDATE `users`
Or just
UPDATE users
The single quotes make the table name invalid. Everything else in the query is okay.
However, your query is vulnerable to injection. Instead of using ext/mysql, you should use properly parameterized queries with PDO or mysqli
You don't need to single quote the table name here. This should do
$sql = "UPDATE users SET articleswritten = articleswritten + 1 WHERE id = '$userid'";