MYSQL INSERT syntax error with incorrect line number - php

I'm currently working on creating a login system, one part of which is of course registration. It's been going smoothly up until this point, where I'm getting an error.
I've researched this as thoroughly as I can, but I can't find the solution as it is giving me an incorrect line number.
The error I'm getting is:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
My SQL query is
$token = (round(microtime(true) * 1000));
$query = mysql_query("INSERT INTO "
. "`users` "
. "(name, password, email, token) "
. "VALUES "
. "('$_POST[user]'"
. ",'".hash('sha512',$_POST['pass'])."'"
. ",'$_POST[email]'"
. ",'$token')") or die(mysql_error());
if (mysql_query($query) === TRUE) {
//echo "Sucsessfuly registered! Check your email for a confirmation link.";
} else {
echo "Error: " . mysql_error();
}
(this is not the first line of the file, it's the 22d)
When the code runs, even though it throws the error it still is inserting the values into the table correctly.
Also when I run the same query in phpmyadmin, it runs just fine with no errors.
I've been trying to solve this error for the last 3 hours so any help would be appreciated ;)


You're calling mysql_query twice: first with the SQL, and then you're using the result of the query as if it were a query. The error you're getting is because $query is true, which gets turned into 1 when treated as a string.
Either you should just set $query to the SQL string:
$query = "INSERT INTO ...";
if (mysql_query($query)) {
...
} else {
...
}
or you should just check the value of $query:
$query = mysql_query(...);
if ($query) {
...
} else {
...
}

Related

1064: SQL syntax (MySQL INSERT)

To Start.. I am using mysqli_real_escape_string() on every text field, and leaving INT as they are:
The following query successfully inserts the record into the table without fail, every field is correctly stored... There has to be something I'm being glib about, I have blurry coding eyes at this point... But after the INSERT statement is run, mysqli_error($con) tosses the following error:
1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
(I'm nearly 100% certain I do not even use the number 1 at all, whether it be in the php code or a value)
$query = mysqli_query($con,"INSERT INTO hj_media
(mediaID,MedDropID,MediaName,GLCode,Store,MediaType,MiscDetail,ArtDueDate,RunDate,EndDate,AdvMonth,Size,Dimensions,TotalCost,HJShare,CoOpShare,Vendor,HamiltonFiscal,VendorFiscal,AdDescription,Category,AddedtoVCM,ArtworkRequested,InvoiceProcessed,BilledVendor,NetCost,ProductionCost,CostPiece,QuantityOrdered,HJCostPrinting,Postage,DDFee,EventDescription,EventDate,DateToPrint,DateInMail,DateInHome,TotalPrintQuantity,TotalMailFile,TotalActualMail,ReturnedPieces,SalesResultsUnits,SaleResultsDollars,SpendNonPrint,SpendPrint,SpendAdvertising,SpendPR,MediaNameOther,ClientPersona,Campaign)
VALUES(NULL,$add_medid,'$add_vehicle',$add_glcode,'$add_loclist','$add_type','$add_miscdetails','$add_artdate','$add_rundate','$add_enddate','$add_month','$add_size','$add_dimensions','$add_totalcost','$add_hjshare','$add_coopshare','$add_vendor',$add_hamiltonfiscal,$add_vendorfiscal,'$add_addescription','$add_category','$add_addedtovcm','$add_artworkrequested','$add_invoiceprocessed','$add_billedvendor','$add_netcost','$add_productioncost','$add_costperpiece',$add_quantityordered,'$add_hjprintcost','$add_postage','$add_ddfee','$add_eventdescription','$add_eventdate','$add_datetoprint','$add_dateinmail','$add_dateinhome',$add_printquantity,$add_totalmailfile,$add_totalactualmail,$add_returnedpieces,$add_salesunits,'$add_salesdollars','$add_spendnonprint','$add_spendprint','$add_spendadvertising','$add_spendpr','$add_medianameother','$add_persona','$add_campaign')");
if (mysqli_query($con, $query)) {
echo "New record created successfully";
}
else {
echo mysqli_errno($con) . ": " . mysqli_error($con) . "\n";
}

UPDATED QUERY, TRY THIS
$query="INSERT INTO hj_media
(mediaID,MedDropID,MediaName,GLCode,Store,MediaType,MiscDetail,ArtDueDate,RunDate,EndDate,AdvMonth,Size,Dimensions,TotalCost,HJShare,CoOpShare,Vendor,HamiltonFiscal,VendorFiscal,AdDescription,Category,AddedtoVCM,ArtworkRequested,InvoiceProcessed,BilledVendor,NetCost,ProductionCost,CostPiece,QuantityOrdered,HJCostPrinting,Postage,DDFee,EventDescription,EventDate,DateToPrint,DateInMail,DateInHome,TotalPrintQuantity,TotalMailFile,TotalActualMail,ReturnedPieces,SalesResultsUnits,SaleResultsDollars,SpendNonPrint,SpendPrint,SpendAdvertising,SpendPR,MediaNameOther,ClientPersona,Campaign) ";
$query.=" VALUES(NULL,$add_medid,'$add_vehicle',$add_glcode,'$add_loclist','$add_type','$add_miscdetails','$add_artdate','$add_rundate','$add_enddate','$add_month','$add_size','$add_dimensions','$add_totalcost','$add_hjshare','$add_coopshare','$add_vendor',$add_hamiltonfiscal,$add_vendorfiscal,'$add_addescription','$add_category','$add_addedtovcm','$add_artworkrequested','$add_invoiceprocessed','$add_billedvendor','$add_netcost','$add_productioncost','$add_costperpiece',$add_quantityordered,'$add_hjprintcost','$add_postage','$add_ddfee','$add_eventdescription','$add_eventdate','$add_datetoprint','$add_dateinmail','$add_dateinhome',$add_printquantity,$add_totalmailfile,$add_totalactualmail,$add_returnedpieces,$add_salesunits,'$add_salesdollars','$add_spendnonprint','$add_spendprint','$add_spendadvertising','$add_spendpr','$add_medianameother','$add_persona','$add_campaign');";
$result =mysqli_query($con,$query);
If($result){
echo "Success"';
}
else{
echo " query failed ". mysqli_errno();
}

The problem is yoir sending a boolean gotten from the first query test into another mysqli query function. It's a good thing to have set a variable that refernces your query string, so that you use but this value in the mysqli query function . Try this
$query="put your myqli query here;";
$result =mysqli_query($con,$query);
If($result){
echo "Success"';
}
else{
echo " query failed ". mysqli_errno();
}
can you knidly thick the question answered if this solves your problem ?

Issue with stored procedure in PHP

I have the following stored procedure that executes correctly when I run my program:
$insertIntoEmployeesProcedure = "
CREATE PROCEDURE EmployeeInsert(name VARCHAR(50),password VARCHAR(50), email VARCHAR(50))
BEGIN
INSERT INTO employees(name,password,email) values(name,password,email);
END";
$returnInsertIntoEmpProc = $conn->query($insertIntoEmployeesProcedure);
if(! $returnInsertIntoEmpProc )
{
die('Could not create insert procedure: ' . $conn->error);
}
else
{
echo "Insert Procedure created successfully<br/>";
}
I then call this procedure in another class when needed:
$insertEmp = mysqli_query($conn, "Call EmployeeInsert('$username','$password', '$email')");
$executeInsertEmp = $conn->query($insertEmp);
if(!$executeInsertEmp )
{
die('Employees not added: ' . $conn->error);
}
else
{
echo "Employees added<br/>";
}
The problem is, when I execute this code, I get the following error
Employees not added: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
The main issue I have with this is that even though it returns this error, the record is still added into the database and everything seems to be working fine. I guess I'm more curious as to why I'm getting this error as clearly I'm overlooking something.

Ah I see what I've done, I seem to have added an additional query which was unnecessary, the line:
$executeInsertEmp = $conn->query($insertEmp);
can be ommited, the check in the if statement is then done on the variable which holds the stored procedure. The following code works:
$insertEmp = mysqli_query($conn, "Call EmployeeInsert('$username','$password', '$email')");
if(!$insertEmp )
{
die('Employees not added: ' . $conn->error);
}
else
{
echo "Employees added<br/>";
}

Commands out of sync, even though first SQL query does not contain results

I have been reading about the Commands out of sync; you can't run this command now problem for some time now, and see that you cannot have any unread results left, which makes sense to me. However, in the following case, I don't see which results I am missing to free. I have left out the irrelevant things from my PHP and SQL code below.
# Set local variables
$sql = "
SET #STARTDATE = '2014-09-01';
SET #RANK = 0;
";
if (mysqli_multi_query($conn, $sql)) {
# Success: do nothing else
} else {
# Failure: output the error message
echo "Error: " . $sql . "<br>" . $conn->error;
}
# Fetch and store the results
$sql = "
SELECT * FROM MyTable
";
$result = mysqli_query($conn, $sql);
if (!$result) {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
The second query (the if (!$result) block) returns the infamous Commands out of sync error. If I comment out the first part, the second query runs no problem. If I change the first query into only one SET statement instead of two, the second query runs no problem. Therefore, it seems that I have to clear the 'success-flag' of every individual SQL statement from the first part. Is this correct? If so, how shall this be done?
EDIT: indeed it seems you have to flush all results in between. Adding the following line between part 1 and part 2 solves the problem.
while (mysqli_next_result($conn)) {;} // Flush multi_queries
I found this solution in a user comment on the PHP manual: http://nl3.php.net/manual/en/mysqli.multi-query.php

Quite simply, your first query
SET #STARTDATE = '2014-09-01';
SET #RANK = 0;
Will generate 2 result sets and until they have been processed, even though the result will be just a status you cannot continue.
So you need to do something like this :-
if (mysqli_multi_query($conn, $sql)) {
do {
/* unload result set */
if ($result = $mysqli->store_result()) {
// Check status
$result->free();
}
} while ($mysqli->next_result());
} else {
# Failure: output the error message
echo "Error: " . $sql . "<br>" . $conn->error;
}
Of course you should probably check for errors in that loop

Mysql Insert Statement from PHP

I am trying to run PHP could which inserts a value into a MySQL table.
My db connection is working ok.
I have the code in a function:
function InsertRighmoveID($RightmoveID)
{
# Connection already created in main program
#Define the query to insert righmove ID already in Database
#VALUES ('" . substr($name, 23, 31) . "')";
echo "In InsertRighmoveID() function </br>";
$query_enter_rightmove_ID =
"INSERT INTO tblRightMoveIDs (rightmoveID)
VALUES ('" . $RightmoveID . "');";
#Echo the query to check it
echo $query_enter_rightmove_ID . "</br>";
#Execute the query
$query_enter_rightmove_ID = mysql_query($query_enter_rightmove_ID);
echo "Leaving InsertRighmoveID() function </br>";
#Execute the query
$query_enter_rightmove_ID = mysql_query($query_enter_rightmove_ID);
#Check to see if the query worked
if (!$query_enter_rightmove_ID)
{
die("Database query failed:" . mysql_error());
}
echo "Leaving InsertRighmoveID() function </br>";
}
when I run the code in a webpage, get it to print the query to screen this is the message:
INSERT INTO tblRightMoveIDs (rightmoveID) VALUES ('44047607')
Database query failed:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
44047607 is the value passed to the function.
If I run the:
INSERT INTO tblRightMoveIDs (rightmoveID) VALUES ('44047607');
Outside the program it works.

Remove the semicolon ; from here
"INSERT INTO tblRightMoveIDs (rightmoveID)
VALUES ('" . $RightmoveID . "');";
-------^

There is error here in the starred parts:
**$query_enter_rightmove_ID** = mysql_query($query_enter_rightmove_ID);
echo "Leaving InsertRighmoveID() function </br>";
#Execute the query
$query_enter_rightmove_ID = mysql_query(**$query_enter_rightmove_ID**);
You are executing mysql_query first time with a proper query and it puts the result into $query_enter_rightmove_ID variable. Second time, you are using the result of first query as the parameter to mysql_query which is wrong

mysql_errno and mysql_error always reporting something

I have a query written as
mysql_query($query,$conn)
or
die(
"A MySQL error has occurred.<br />Your Query: " . $query . "<br /> Error: (" . mysql_errno() . ") " . mysql_error());
echo "You have been entered into our Database!";
This outputs
A MySQL error has occurred.
Your Query: INSERT INTO users (uid, twname, privacy) VALUES (15400743, 'gdhdh', 'accepted')
Error: (0)
so it doesn't list any errors or anything. When I copy/paste that query into the SQL tab of PHPMyAdmin, it runs successfully, and the DB connection isn't throwing anything bad (I know it works because a query works well elsewhere):
function get_db_conn() {
$conn = mysql_connect($GLOBALS['db_ip'], $GLOBALS['db_user'], $GLOBALS['db_pass']);
mysql_select_db($GLOBALS['db_name'], $conn);
return $conn;
}
Any thoughts on what I could fix? I'd really appreciate it.

Error 0 means that no error occurred.
Therefore if the code to output an error is being run when no error occurred you have a logic error in your code surrounding the call to the mysql_query() function.
It's hard to tell from your code what should and shouldn't run under different conditions and where the error may lie.
The following code is logically equivalent to what you are trying to achieve and should work as expected.
This code more clearly separates calling the mysql_query() function from checking the result of calling the function. I have also formatted the code a little to that it displays without any horizontal scrolling, although that's purely optional.
$queryResult = mysql_query($query, $conn);
if ($queryResult === false) {
$errorMessage = "A MySQL error has occurred.<br />"
. "Your Query: ".$query."<br />"
. " Error: (".mysql_errno().") ".mysql_error();
die($errorMessage);
}

I'm not sure if this is exactly what you're looking for, but the argument to the function is called $query, and the variable in your error is $your_query, so the value of $your_query displays in the error, but who knows what is in $query, so if it's NULL, that might cause the error number 0 with no message.

Categories