Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm running the following SQL query in PHP
try {
$sql = "INSERT INTO doc SET type = 1,
candID = :candID,
userID = ".$_SESSION['userid'].",
filename = ".$_FILES['file']['tmp_name'].",
date=date_format(curdate(), '%d/%m/%Y')";
$s = $pdo->prepare($sql);
$s->bindValue(':candID', $_POST['candid']);
$s->execute();
}
catch (PDOException $e) {
$error = 'Error adding doc: ' . $e->getMessage();
include $errorpage;
exit();
}
And I'm getting the following error:
Error adding doc: SQLSTATE[42000]: Syntax error or access violation:
1064 You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near ':\xampp\tmp\phpD58B.tmp, date=date_format(curdate(),
'%d/%m/%Y')' at line 5
I can't quite figure out why I'm getting this error. Is there something wrong with my syntax that I'm missing?
filename = ".$_FILES['file']['tmp_name'].", should be filename = '".$_FILES['file']['tmp_name']."',
so the code should look like
try {
$sql = "INSERT INTO doc SET type = 1,
candID = :candID,
userID = ".$_SESSION['userid'].",
filename = '".$_FILES['file']['tmp_name']."',
date=date_format(curdate(), '%d/%m/%Y')";
$s = $pdo->prepare($sql);
$s->bindValue(':candID', $_POST['candid']);
$s->execute();
}
catch (PDOException $e) {
$error = 'Error adding doc: ' . $e->getMessage();
include $errorpage;
exit();
}
SET is used for UPDATE statements.
$sql = "INSERT INTO doc (type, candID, userID, finame, date) VALUES (1, :candID, :userID, :filename, :date)";
$s = $pdo->prepare($sql);
$s->execute(array(':candID' => $_POST['candid'], ':userID' => $_SESSION['userid'], ':filename' => $_FILES['file']['tmp_name'], ':date' => date('d/m/Y'));
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I'm a beginner in web design and I have this problem. I'm trying to create a login page but when I try to create the login it throws a error as follows:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':username and passwordhash=:passwordhashed)' at line 1
With php code of
Try {
// $SQL = 'INSERT INTO Passwords (username, password, passwordhashed) VALUES (:username,:password,:passwordhashed);';
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$PasswordHashed = sha1($password);
echo "Username: ". $username ."<br> Password: ". $password . "<br> PasswordHashed: " . $PasswordHashed;
$SQL = null;
$SQL = "SELECT * FROM BlaBla WHERE (username=:username and passwordhash=:passwordhashed);";
$Statement = $MySQL->prepare($SQL);
$Statement->bindValue(':username', $username);
$Statement->bindValue(':passwordhashed', $PasswordHashed);
$Statement->execute();
$Statement = $MySQL->query($SQL);
if ($Statement->rowCount() < 1 ) {
echo 'NOPE';
} else {
echo 'welcome back '. $username;
}
} catch(PDOException $e) {
$ErrorTitle = 'Error';
$Error = "error writing to database";
$ErrorInfo = '<p>Please contact administrator at stephan.littel#stecasso.nl</p> <br> <p>'. $e->getMessage() . '</p>';
include './HTML/Error.php';
exit();
}
I don't know what the error is. Could anyone help me?
Here:
$Statement = $MySQL->prepare($SQL);
^---your prepared statement
$Statement->bindValue(':username', $username);
$Statement->bindValue(':passwordhashed', $PasswordHashed);
$Statement->execute();
$Statement = $MySQL->query($SQL);
^----raw queries have no placeholders
You prepare a statement, and execute it. But then you do a RAW query with the same SQL, replacing the result of the prepared version. You cannot use placeholders in a raw query like that. Hence your error.
That final ->query() call is useless and redundant.
Found the problem. Problem was I used query and execute. My fault of slopy bug tracking.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I am new to php. I am trying to connect android with phpmyadmin using webservice .
php Code
<?php
include_once('configuration.php');
$UserId = $_POST['UserId'];
$ProductId = $_POST['ProductId'];
$DesiredQuantity = $_POST['DesiredQuantity'];
$cartstable=mysql_query("SELECT `UserId`, `ProductId`, `DesiredQuantity` FROM `carts` WHERE UId='".$UserId. "' AND ProductId='".$ProductId. "'");
$num_rows = mysql_num_rows($cartstable);
if($num_rows>0){
$updateqry=mysql_query("Update `carts` set `DesiredQuantity`= `DesiredQuantity` + $DesiredQuantity) WHERE UId='".$UserId. "' AND ProductId='".$ProductId. "');
}
else
{
$insertqry=mysql_query ("Insert into `carts` (`UId`, `ProductId`, `DesiredQuantity`) VALUES ('".$UserId. "','".$ProductId. "',$DesiredQuantity)");
}
$carts_ful=mysql_query("SELECT `UserId`, `ProductId`, `DesiredQuantity` FROM `CARTS` WHERE UId='".$UserId. "'");
while($carts = mysql_fetch_array($carts_ful)){
extract($carts);
$result[] = array("UserId" => $UserId,"ProductId" => $ProductId,"DesiredQuantity" => $DesiredQuantity);
}
$json = array("Updated Cart Details" => $result);
#mysql_close($conn);
header('Content-type: application/json');
// echo "Selected Product is added to the Cart !";
echo json_encode($json);
?>
When I tried running,I see the following error
<b>Parse error</b>: syntax error, unexpected 'insert' .
If I Cut and paste,
$insertqry=mysql_query ("Insert into `carts` (`UId`, `ProductId`, `DesiredQuantity`) VALUES ('".$UserId. "','".$ProductId. "',$DesiredQuantity)");
line above the if statement ,It works fine.
I could not understand where is the problem .Please help me finding the solution .
Stack Overflow's syntax highlighting should have been enough to spot the error.
You have missed a closing quote from one of your SQL queries. Find the amendment below.
$updateqry=mysql_query("Update `carts` set `DesiredQuantity`= `DesiredQuantity` + $DesiredQuantity) WHERE UId='".$UserId. "' AND ProductId='".$ProductId."'");
}
else
{
$insertqry=mysql_query ("Insert into `carts` (`UId`, `ProductId`, `DesiredQuantity`) VALUES ('".$UserId. "','".$ProductId. "',$DesiredQuantity)");
}
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
i can't seem to figure out why this query isn't running
if ( $productName && $productDescription && $productPrice ) {
// SQL
// UPDATE `prostud_tristurion`.`products` SET `product_title` = 'ajax test', `product_description` = 'Was certainty remaining engrossed applauded sir how discovery.', `product_price` = '524' WHERE `products`.`product_id` = 10;
try {
$query = "update products set product_title = :pName, product_description = :pDescription, product_price = :pPrice, where product_id = :pid";
//prepare query for excecution
$stmt = $con->prepare($query);
//bind the parameters
$stmt->bindParam(':pid', $id);
$stmt->bindParam(':pName', $productName);
$stmt->bindParam(':pDescription', $productDescription);
$stmt->bindParam(':pPrice', $productPrice);
// echo "$productPrice / $productDescription / $productName / $id\n $stmt";
var_dump($_POST);
// Execute the query
if ($stmt->execute() ) {
echo "Record was updated.";
} else {
die('Unable to update record.');
}
}catch(PDOException $exception){ //to handle error
echo "Error: " . $exception->getMessage();
}
}
all i get is Unable to update record.
var_dump($_POST);
is looking good
You have an errant comma at product_price = :pPrice, where
If your code reaches the die statement then you have exceptions turned off (not recommended) but you can get the error message from the database (to log or echo) with $stmt->errorInfo()
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I've been trying to get a form to insert records to a MySQL database using a form, but for some reason it errors out on me and I can't figure out why.
Here is the code that processes the request:
if ($_SERVER['REQUEST_METHOD']=='POST'){
// database connection
try {
$dbh = new PDO('mysql:host='.$host.';dbname='.$dbName, $dbUser, $dbPass);
$dbh -> setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
$dbh -> exec("SET NAMES 'utf8'");
} catch (Exception $e) {
echo "Error!: " . $e->getMessage() . "<br/>";
die();
}
// new data
$title = $_POST["txtTitle"];
$description = $_POST["txtDesc"];
$content = $_POST["txtContent"];
$sql = "INSERT INTO tblPageContent
SET (PageTitle, Description, PageContent)
VALUES (:title, :desc, :content)";
try {
$update = $dbh->prepare($sql);
$update->bindParam(":title",$title, PDO::PARAM_STR);
$update->bindParam(":desc",$description, PDO::PARAM_STR);
$update->bindParam(":content",$content, PDO::PARAM_STR);
$update->execute();
$id = $update->dbh->lastInsertId();
$update->dbh->commit();
echo $id;
} catch (Exception $e) {
echo "Data could not be updated in the database.";
echo $e;
exit;
}
}
Whenever I try to use it, I end up with this:
exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error
or access violation: 1064 You have an error in your SQL syntax; check
the manual that corresponds to your MySQL server version for the right
syntax to use near '(PageTitle, Description, PageContent) VALUES
('Awards', 'This is a test', '' at line 2'
I've tried tweaking the SQL syntax, but I still can't get it to work. Is there something I'm missing here?
Your insert syntax is WRONG.
The correct syntax is:
insert into tblPageContent (pageTitle, Description, PageContent)
values (:title, :desc, :content)
I recommend you have MySQL reference manual at hand
In your SQL, take out the SET before the first (. You use SET in updates, not inserts.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm getting a strange error with PDO:{"error":{"text":SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens}}
I tried this sql query and i didn't find,if someone could help me;
My code:
$sql = "UPDATE feeds SET status=:statuschosen WHERE idUser=:id AND id:idfeed";
try {
$db = getConnection();
$stmt = $db->prepare($sql);
$stmt->bindParam("statuschosen", $post->statuschosen);
$stmt->bindParam("idfeed", $post->idfeed);
$stmt->bindParam("id", $id);
$stmt->execute();
$db = null;
echo json_encode($post);
} catch(PDOException $e) {
echo '{"error":{"text":'. $e->getMessage() .'}}';
}
My table have this structure:
id URL idUser status
Thank you for your help!!!
You were missing an equal sign in your $sql string. Also while binding the params you have used wrong placeholders,See below:
$sql = "UPDATE feeds SET status=:statuschosen WHERE idUser=:id AND id=:idfeed";
try {
$db = getConnection();
$stmt = $db->prepare($sql);
$stmt->bindParam(":statuschosen", $post->statuschosen);
$stmt->bindParam(":idfeed", $post->idfeed);
$stmt->bindParam(":id", $id);
$stmt->execute();
$db = null;
echo json_encode($post);
} catch(PDOException $e) {
echo '{"error":{"text":'. $e->getMessage() .'}}';
}