Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Improve this question
evening all, i have an issue with a syntax sql error
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'where username = danny (name, url, banner, description, sponsor, date, password)' at line 1
Here is my code
$query = "UPDATE websites where username = $login_session (name, url, banner, description, sponsor, date, password) VALUES ('$n', '$b', '$d', '0', now(), SHA('$p'))";
Your MySQL query is wrong, as the error says, check the manual.
In UPDATE you don't use table(field,field1) values('value','value1') like in INSERT, you use field='value', field1='value1' also, WHERE should be at the end, the right order is query + where + order + limit. MySQL is not that flexible.
That's because your UPDATE statement syntax is wrong. Check MySQL documentation for proper UPDATE syntax. I think you meant to do a INSERT rather
INSERT INTO websites (name, url, banner, description, sponsor, date, password)
VALUES ('$login_session', '$n', '$b', '$d', '0', now(), SHA('$p'))
EDIT:
I think this is what you are after
UPDATE websites SET name = '$n',
url = '$b',
banner = '$d',
description = '0',
sponsor = 'some_value_here',
date = now(),
password = SHA('$p')
where username = '$login_session';
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I have a mysql query and I keep on getting a syntax error. I ran it through different debugging tools and haven't found anything. Is tehre anything i'm missing.
My Query
INSERT INTO futureposts
(
ID,
username,
postedby,
link,
message,
picture,
name,
caption,
description,
groups,
type
)
VALUES
('','1','CodeCompiler','CodeCompiler,'','','','','','','default','daily')
The error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'default','daily')' at line 1
You missed ' code after CodeCompiler so change your query from
INSERT INTO futureposts (ID, username, postedby, link, message, picture, name, caption, description, groups, type) VALUES ('','1','CodeCompiler','CodeCompiler,'','','','','','','default','daily')
to
INSERT INTO futureposts (ID, username, postedby, link, message, picture, name, caption, description, groups, type) VALUES ('','1','CodeCompiler','CodeCompiler','','','','','','default','daily')
and also there is one extra column added in query , check it and remove extra column
You missed ' (closing quote) after CodeCompiler
....VALUES ('','1','CodeCompiler','CodeCompiler,'','....
Also one change that you need to do that is you are giving 12 values to 11 column..I have checked personally in my phpmyadmin by creating same table.
So your final query will be
INSERT INTO futureposts (ID, username, postedby, link, message, picture, name, caption, description, groups, type) VALUES ('','1','CodeCompiler','','','','','','','default','daily');
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I am trying to execute the following query:
INSERT INTO table_timesheet (name, datein, dateout)
VALUES ('Rupert', 'NOW()', '')
WHERE NOT EXISTS (
SELECT name FROM table_listnames WHERE datein='NOW()'
);
But this returns an error.
Basically I don't want to insert a record if the 'datein' field of the record already exists in another record - how to check if the new datein is unique?
And how can i insert in the same way the date out on the same row something like an update the datein row?
This INSERT query will do exactly what you want:
INSERT INTO table_timesheet (name, datein, dateout)
SELECT 'Rupert', NOW(), null
FROM DUAL
WHERE NOT EXISTS (
SELECT * FROM table_listnames WHERE datein=NOW()
);
Please see it here. But a proper solution would be to set a table constraint. How are table_timesheet and table_listnames related? I would use a unique constraint on the datein column, but this depends on what are your requirements.
first check this query (using MYSQLI or PDO ) if this query return false than you insert record
IF... this return false
SELECT name FROM table_listnames WHERE datein='NOW()'
FALSE
INSERT INTO table_timesheet (name, datein, dateout)VALUES ('Rupert', 'NOW()', '')
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I've been trying to insert a tuple into my relation, but it doesn't seem to work.
<?php
$link=mysql_connect ("connection", "name", "pw");
mysql_select_db('pizzaria');
$sql = "INSERT INTO pizza_bakery (Name, Address, Telenum)
VALUES ('Test', 'Test', '111')";
?>
The connection seems to go through ok, as I'm able to print the table out easily on my html page, why is this failing?
Your insert statement should look something like this:
$sql = "INSERT INTO pizza_bakery (Name, Address, Telenum)
VALUES ('Test', 'Test', 111)";
Reason: The last column (Telenum) is an integer datatype and the insert statement was treating it like a string.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
Been sitting here all morning trying to improve safety when users create a new user in my system. And finally when everything is fixed and everything works, and at the end of the code where i send informations to the database, im getting a SQL syntax error sigh!!
Here's the error i get:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'by) VALUES('tester', 'blabla', 'xx', 'bla#bla.dk', '1387708599', './gfx/profilbi' at line 1
And heres my code..
mysql_query("INSERT INTO brugere (brugernavn, kodeord, salt_encrypt, email, timestamp, img, ip, status, by) VALUES('$_POST[brugernavn]', '$_POST[kode]', 'vissevasse', '$_POST[email]', '$time', '$uploadfile', '$ip_adresse', '0', '$_POST[by]') ") or die(mysql_error());
hope you guys can spot this one, because i can't!
BY is a mysql reserved keyword you need to wrap it with back-ticks
INSERT INTO brugere (`brugernavn`, `kodeord`, `salt_encrypt`, `email`, `timestamp`, `img`, `ip`, `status`, `by`) ....
Reserved Words in MySQL
by
is a reserved mysql keyword
even when you code no longer will throw an error it is HIGHLY advisable that you do NOT use something like
'$_POST[brugernavn]'
directly in a query. Google for sql injection and maybe also consider what xkcd has to say about this
Your code is vulnerable to SQL Injection.
fetch post parameter using
$something = mysqli_real_eacape_string($_POST['<something>']);
and then use that variable in your insert query.
Also since mysql is deprecated use mysqli/PDO
For reserved mysql keyword try to use back tick character (`)
eg:
INSERT INTO users (by) VALUES ('Jibran')
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question appears to be off-topic because it lacks sufficient information to diagnose the problem. Describe your problem in more detail or include a minimal example in the question itself.
Closed 8 years ago.
Improve this question
With a the code,
mysql_query("INSERT INTO Messages (Message, toUser, From, Date) VALUES ('$mes','$to','$from','$date')")
I'm getting an SQL syntax error. What is the reason for this? I see nothing wrong with the syntax.
DATE is a reserved word in SQL, so I gather that it's triggering a syntax error when you use it as a column name because MySQL tries to parse it as something other than a column name.
Either escape your identifiers with backticks:
mysql_query("INSERT INTO `Messages` (`Message`, `toUser`, `From`, `Date`) VALUES ('$mes','$to','$from','$date')")
Or better, see if you can rename the column to something else that doesn't need escaping.
My guess is someone put a ' in one of the variables, thus making a query like
INSERT INTO Messages (Message, toUser, From, Date) VALUES ('Test','Joe O'Neil','Jack Smith','2011-12-20')
This is a syntax error because of the ' in "O'Neil". You need to escape your variables before using them in SQL.
$mes = mysql_real_escape_string($mes);
$to = mysql_real_escape_string($to);
$from = mysql_real_escape_string($from);
$date = mysql_real_escape_string($date);
mysql_query("INSERT INTO Messages (Message, toUser, From, Date) VALUES ('$mes','$to','$from','$date')");
Make your query, like:
//use mysql_real_escape_string for variables
mysql_query("INSERT INTO Messages (`Message`, `toUser`, `From`, `Date`) VALUES ('$mes','$to','$from','$date')")
There's probably a character in your variables that requires escaping. Use mysql_real_escape_string as described here: http://php.net/manual/en/function.mysql-real-escape-string.php