This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 7 years ago.
Below is my code -
$insert_details = array("username"=>"pavan", "firstname"=>"pavan", "lastname"=>"r", "profile_about"=>"My name is Pavan R.");
$connection->insert($insert_details);
public function insert(array $insert_details) {
$insert_query = "INSERT INTO user (username,firstname,lastname,profile_about) VALUES ($insert_details['username'],$insert_details['firstname'],$insert_details['lastname'],insert_details['profile_about'])";
$run_insert_query = mysqli_query($this->mysql_con, $insert_query);
if ($run_insert_query) {
$select_query = "SELECT * FROM user ORDER BY id DESC LIMIT 1";
$run_select_query = mysqli_query($this->mysql_con, $select_query);
while ($selected_row = mysqli_fetch_array($run_select_query)) {
$id = $selected_row['id'];
$username = $selected_row['username'];
$firstname = $selected_row['firstname'];
$lastname = $selected_row['lastname'];
$profile_about = $selected_row['profile_about'];
}
$es_insert = array();
$es_insert['body'] = array('id' => $id, 'username' => $username, 'firstname' => $firstname, 'lastname' => $lastname, 'profile_about' => $profile_about);
$es_insert['index'] = 'test';
$es_insert['type'] = 'jdbc';
$es_insert['id'] = $id;
$check_insert = $this->es_con->index($es_insert);
if($check_insert) {
echo nl2br("Successfully inserted to both database and elasticsearch\n");
}
}
else {
echo nl2br("Failed to insert into database hence closing the connection\n");
}
}
When I run the code I get the following error -
PHP Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in /var/www/html/es/combined.php on line 38
This is because of the SQL query ($insert_query). Can someone please help me debug this?
Also is there a way to extract the index names from array and pass it to database fields.In the above code, I've declared an associative array with index names same as my database column names. Is it possible to get those array index names and optimize the SQL query to just -
$insert_query = "INSERT INTO user VALUES ($insert_details['username'],$insert_details['firstname'],$insert_details['lastname'],insert_details['profile_about'])";
It should automatically extract the suitable column names from the array index name.
You cannot quote array keys in "-quoted strings:
php > echo "$arr['foo']";
PHP Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in php shell code on line 1
Either go with
$sql = "... $insert_details[username] ..."
^-------^---no quotes
or
$sql = "... {$insert_details['username']} ..."
^---------------------------^---brace syntax
And note that you are vulnerable to sql injection attacks.
Related
This question already has answers here:
How can I access an object attribute that starts with a number?
(3 answers)
Closed 2 years ago.
I would like to get a value of my mysql table.
the column name has got numbers.
$temp= array();
$sql = "SELECT `00003A` FROM `table`";
$statement = $mysqli->prepare($sql);
$statement->execute();
$result = $statement->get_result();
while($row = $result->fetch_object()) {
temp[] = $row->00003A;
}
I get this error:
Parse error: syntax error, unexpected '00003' (T_LNUMBER), expecting identifier (T_STRING) or variable (T_VARIABLE) or '{' or '$' on line 19
This is line 19:
temp[] = $row->00003A;
You can try save this value in a variable like:
$prop = '00003A';
temp[] = $row->$prop;
Or get data with
temp[] = $row['00003A'];
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
How can I prevent SQL injection in PHP?
(27 answers)
Closed 3 years ago.
Single quotes inside single quotes in php, I don't know how to get the $_SESSION variable inside a string.
Having issues with the formatting of this line.
I have been looking at multiple answers similar, but got none of them working:
How do I use single quotes inside single quotes?
syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE) in Insert statement
$sql = "INSERT INTO pushtable (uidUsers, pushAntall, pushDato, pushKlokkeslett) VALUES ('$_SESSION['uid']', '$pushAntall', '$pushDato', '$pushKlokkeslett')";
ERROR
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE),
expecting '-' or identifier (T_STRING) or variable (T_VARIABLE) or
number (T_NUM_STRING)
Also tried:
$sql = "INSERT INTO `pushtable` (`uidUsers`, `pushAntall`, `pushDato`, `pushKlokkeslett`) VALUES ('{$_SESSION['uid']}', '$pushAntall', '$pushDato', '$pushKlokkeslett');";
ERROR
Notice: Undefined variable: _SESSION
How can i solve this?
-SOLVED-
$sql = "INSERT INTO pushtable (uidUsers, pushAntall, pushDato, pushKlokkeslett) VALUES ('"·$_SESSION['uid'] ."', '$pushAntall', '$pushDato', '$pushKlokkeslett')";
An elegant solution is to use sprinf sprintf
$sql = sprintf("INSERT INTO pushtable (uidUsers, pushAntall, pushDato,
pushKlokkeslett) VALUES ('%s', '%s', '%s', '%s')",
$_SESSION['uid'],
$pushAntall,
$pushAntall,
$pushKlokkeslett
);
Or fix your code:
$sql = "INSERT INTO pushtable (uidUsers, pushAntall, pushDato, pushKlokkeslett) VALUES ('". $_SESSION['uid'] ."', '$pushAntall', '$pushDato', '$pushKlokkeslett')";
Also check string operators
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 3 years ago.
I'm adding [] this symbol within an execute() in PDO, and it returns error.
I'm working in WAMP5
$sqlStatement="
SELECT *
FROM $table_results
WHERE title = ? AND id_category = ?
";
$stmt = $bdConection->prepare($sqlStatement);
$stmt->execute([$title, $id_category]);
echo $stmt->rowCount();
It works well if I delete WHERE title = ? AND id_category = ? and [$title, $id_category] bur returns more results, instead of adding those ... then
IT RETURNS:
Parse error: syntax error, unexpected '[', expecting ')' in
I can reproduce this error with PHP 5.2. Documentation about PHP array's syntax states:
... As of PHP 5.4 you can also use the short array syntax, which
replaces array() with []. ...
What you can do in your case is to define an array using array():
<?php
$sqlStatement = "
SELECT *
FROM $table_results
WHERE title = ? AND id_category = ?
";
...
$stmt = $bdConection->prepare($sqlStatement);
$stmt->execute(array($title, $id_category));
echo $stmt->rowCount();
...
?>
This question already has answers here:
How can I combine two strings together in PHP?
(19 answers)
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 4 years ago.
In my php I make this query
$sql = "SELECT * FROM session WHERE sessionid = '$_SESSION["id"]';";
which results in an error
Parse error: syntax error, unexpected '"', expecting '-' or identifier
(T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in
/opt/lampp/htdocs/Chore-Champs/index.php on line 6
Obviously there is something wrong with how I'm nesting the quotes, so I've tried different ways, including
$sql = "SELECT * FROM session WHERE sessionid = " . $_SESSION['id'] . ";";
this still results in the same error.
Normally the first method would work with normal variables such as $username, but I guess that session variables are handled differently. What's the correct way to write this query?
Try
$sql = "SELECT * FROM session WHERE sessionid = '" . $_SESSION['id'] . "';";
A basic string concatenation in php
try this:
$sql = "SELECT * FROM session WHERE sessionid = '". $show. "'";
This question already has answers here:
PHP parse/syntax errors; and how to solve them
(20 answers)
Closed 7 years ago.
I am trying to assign the contents of a 2D array to a string in PHP.
$sql="SELECT Order_Code FROM Order WHERE CUST_CODE = '$output['username']';";
I know the problem exists in how I'm writing the $output variable assignment.
The following line of code outputs the correct data from the variable:
echo $output['username'];
The following error is being thrown:
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING)
Parameters surrouned by curly brackets will work well in your case. Here is what i mean. {$array['key']}
And for your example:
$sql="SELECT Order_Code FROM Order WHERE CUST_CODE = '{$output['username']}';";
You need to concatenate this string as the multiple single quotes from accessing the array element are mixing up the string.
$sql="SELECT Order_Code FROM Order WHERE CUST_CODE = '" . $output['username'] ."';";
Try this:
$sql="SELECT Order_Code FROM Order WHERE CUST_CODE = '".$output['username']."'";
You can also try this:
$user_name = $output['username'];
$sql = "SELECT Order_Code FROM Order WHERE CUST_CODE = $user_name";