I've been using this for loop to insert information into my database:
$values = array();
for($x=1;$x<=3;$x++){
$values[]= $_POST["FCKeditor".$x];
}
echo implode(",",$values);
$sql = "INSERT INTO virus (v1,v2,v3) VALUES(".implode(",",$values).")";
However, when I looked at the result on the webpage, it gave me this message:
a1
,b2
,c3
INSERT INTO virus (v1,v2,v3) VALUES(a1
,b2
,c3
)You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '>,b2
,c3
)' at line 1
Can someone help solve this issue?
Very likely the problem is the missing quotes, and you probably wanted something like the following for your values portion:
"'".implode("','",$values)."'"
Which gives you something like:
'abc','xyx','123'
Of course I am assuming that they are all of string type. If some are not, then you need to make sure strings are quoted and numbers are not etc.
The best is for sure to use place holders, then you do not need to go through this trouble at all.
Related
Hello I try do a Update like this
$sql = "UPDATE info SET YES/NO = '$_POST[value]' WHERE ID = '$_POST[id]'";
I am getting this error:
Error updating record: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '/NO = 'YES' WHERE ID = '5'
I think this can be error from use SLASH on my database, If it is the problem how can i solve it?, thanks and i cant find any on google working for it.
Usualy, anything different than alphanumeric and underscore is not recommended.
Indeed, it is not a good practice to name a colomn like you did.
I will recommend you to rename the colomn yes_no otherwise, you will get the same error again, again and again.
I am attempting to insert some user-inputted data into my MySQL table using the following command:
$sql = "INSERT INTO Queued ('$role') VALUES ('$sname')";
Interestingly enough, I get the following error:
Error: INSERT INTO Queued ('Tops') VALUES ('Summoner')
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''Tops') VALUES ('Summoner')' at line 1
To be honest, I am relatively new at using PHP as well as MySQL, but I can't seem to find the error in my syntax; the Queued table does exist, $role and $sname are both strings so I encased them in single quotes. I suspect this is a newbie mistake, could anyone point me in the right direction?
This is due to use of single quotes ' around the column name. The query should be like:
$sql = "INSERT INTO Queued ($role) VALUES ('$sname')";
OR
$sql = "INSERT INTO Queued (`$role`) VALUES ('$sname')";
Try this format
$sql = "INSERT INTO Queued ('".$role."') VALUES ('".$sname."')";
`s role is to differentiate between built in SQL words and the column names, so if a word is used for name of a column that might be also a built in sql expression then `` are needed around it
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ','','','')' at line 2
i get the above error when running my php file.
my insert query is
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values(".$canvasId.",".$courseId.",'".$contextId."','".$email."','".$resourseid."')";
cns_id,course_id are integer datatype and context_id,email is varchar and resource_id is text datatype
I searched for the problem and tried adding mysql_real_escape_string
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values(".$canvasId.",".$courseId.",'".mysql_real_escape_string($contextId)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($resourseid)."')";
But still not working. i dont know where am mistaking.any help is greatly appreciated.Thanks.
Try This
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values('".$canvasId."','".$courseId."','".addslashes($contextId)."','".addslashes($email)."','".addslashes($resourseid)."')";
It's something wrong with your $courseId, it may be some string instead of int. Try this string:
$updateUserCanvas="insert into user_canvas (cns_id,course_id,context_id,email_id,resource_id) values ('{$canvasId}','{$courseId}','{$contextId}','{$email}','{$resourseid}')";
Long story short, I'm trying to write a PHP code that will parse a text file into MySQL queries. Everything works fine except for the queries, which consist of UPDATE statements.
The entire code is kinda long, but if you want to see it - http://pastebin.com/xVR6ArD0
Here is just the part which is problematic :
while ($i<=$no_collumns)
{
$j = $i-1;
if (!
mysql_query
("UPDATE ResultsPredmet
SET ${parsed_collumns[$i]} = '${parsed_words[$j]}'
WHERE ${parsed_first_collumn} LIKE '${parsed_first_word}'")
)
{echo mysql_error()."\n"; break;}
// echo "\nUPDATE ResultsPredmet SET ${parsed_collumns[$i]} = '${parsed_words[$j]}' WHERE ${parsed_first_collumn} LIKE \"${parsed_first_word}\"";
$i++;
}
... where $parsed_collumns and $parsed_words are arrays of strings and $parsed_first_collumn and $parsed_first_word are strings.
I tried all combinations of quotes and escapes for the variables. I tried putting them in double quotes and escaping them, or double quotes and concatenating them, then maybe i thought it was the fact that I was comparing strings via the '=' operator so i tried with 'LIKE'. I googled for several hours and everywhere people said to use single quotation marks for variables so I tried that too and it didn't work.
In the end I echoed the queries and I get:
UPDATE ResultsPredmet SET grade = '10' WHERE name LIKE "Vildur"
UPDATE ResultsPredmet SET index = '117/2010' WHERE name LIKE "Vildur"
Updating table.
UPDATE ResultsPredmet SET grade = '6' WHERE name LIKE "NinoDoko"
UPDATE ResultsPredmet SET index = '132/2011' WHERE name LIKE "NinoDoko"
Updating table.
UPDATE ResultsPredmet SET grade = '10' WHERE name LIKE "Koco"
UPDATE ResultsPredmet SET index = '130/2011' WHERE name LIKE "Koco"
Done.
Which seem fairly fine to me. Other queries I got were the same only with the names with single quotes around them, or with no quotes or any other combinations.
The errors I get are :
Updating table.
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'index = '117/2010' WHERE name LIKE 'Vildur'' at line 1
Updating table.
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'index = '132/2011' WHERE name LIKE 'NinoDoko'' at line 1
Updating table.
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'index = '130/2011' WHERE name LIKE 'Koco'' at line 1
Apparently, the server that I'm using is MariaDB 5.5, but after a bit of research I figured it would be similar to just generic MySQL, though I might be completely off. The "Updating table." is just a random echo in my code. I've also tried the query without indenting it, still got the same errors. The values I get for grade and index are strings - or at least I hope so, since I'm getting them with explode().
index is a reserved word
UPDATE ResultsPredmet SET `index` = '10' WHERE name LIKE 'Vildur'
http://dev.mysql.com/doc/refman/4.1/en/reserved-words.html
Struggling with a simple insert command, i'm getting the error
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near 'All In:
The Poker Movie, tells the story of poker focusing on why one of our nat'
at line 2"
Basically passing film information into a table, here is the code -
$query1 = "INSERT INTO Films_Info (Films_ID,FilmName, FilmRelease, Synopsis,Poster,CritScore,AudScore,Director,Studio,IMDB,date_added_db)
VALUES ('',$Film_Name', '$Film_Release','$filmsynopsis','$film_image','$film_critic','$film_audience','$film_director','$film_studio','$film_imdbID','')";
$runquery1 = mysql_query($query1)or die(mysql_error());
Thanks guys
It looks like that you are missing an ' before $Film_Name. Can you add the missing apostrophe?
If you have phpmyadmin enabled on you server, you can paste the code into the SQL-Field to get syntax highlighting on the SQL query.