Can someone tell me where I'm wrong with my request?
$sql = "INSERT INTO order (order_id,prod) VALUES ('','".$prod."')";
mysql_query($sql) or die ('Error SQL !'.$sql.'<br />'.mysql_error());
$_SESSION['orderid']=mysql_insert_id();
Here is my table configuration:
Columns for order table:
'order_id'=>int(11) auto_increment
'prod'=> varchar(20) utf8_general_ci
And this is the error message:
Error SQL !INSERT INTO order (order_id,prod) VALUES ('','xxx')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (order_id,prod) VALUES ('','xxx')' at line 1
Thank you
ORDER is a reserved keyword and happens to be the name of your column/table. To avoid syntax error, you need to escape it using backtick. E.g.
`ORDER`
MySQL Reserved Keywords List
If you have the privilege to alter the table, change the table name to which is not a reserved keyword to avoid problem from occurring again.
Waring: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
Try this:
INSERT INTO `order` (order_id,prod) VALUES ('','".$prod."')
replace with this, just use single quote with table name
$sql = "INSERT INTO `order` (order_id,prod) VALUES ('','".$prod."')";
$insert="INSERT INTO order (order_id,prod) VALUES ('','".$prod."')";
Related
I am relatively new to somewhat advanced MySQL querying. I had been trying to query the most recent order in an order table of a particular user using MySQL SELECT statement using the following MySQL query.
SELECT o1.* FROM order AS o1
WHERE o1.orderDateTime =
(
SELECT MAX(o2.orderDateTime) FROM order AS o2
WHERE o2.userId = '1'
)
But I had been constantly getting the following MySQL error #1064 related to MySQL syntax.
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order AS o1 WHERE o1.orderDateTime = (SELECT MAX(o2.orderDateTime)FROM order AS ' at line 1
I got similar errors in relation with INSERT statements but I managed to fix it up using the methods specified in MySQL 1064: You have an error in your SQL syntax
I made every effort to fix the query in the current case but I was still unsuccessful.
I would be grateful to you if someone can help me out with fixing this MySQL syntax error for SELECT clause specified above. It would be great if someone could specify me the exact reason for the occurrence of this issue, as well.
order is a reserved word and its a bad choice for table name. You need to escape using backticks in the query
SELECT o1.* FROM `order` AS o1
WHERE o1.orderDateTime = (
SELECT MAX(o2.orderDateTime) FROM `order` AS o2
WHERE o2.userId = '1'
)
http://dev.mysql.com/doc/mysqld-version-reference/en/mysqld-version-reference-reservedwords-5-5.html
As per #Abhik, order is a MySQL keyword.
And you should avoid collapse with two methods:
Use backticks (`) (#Abhik has already explained this.)
Prepend Database name before Table Name e.g.
DataBase_Name.order.
But, still #Abhik's approach is preferable as in case of database name change, you need to change DataBase name in your query.
First of all you could follow #Abhik Chakraborty suggestion to include back ticks around order table name. order is a reserved word in mysql. My suggestion was to improve your sql query. YOu could acomplish the same using:
SELECT o1.* FROM `order` o1
WHERE o1.userId = '1' order by orderDateTime desc limit 1
the subquery seems unnecessary.
I have a bunch of php files corresponding to an application I am writing, using MySQL for my database structure. I know this questions has been asked before but I've been through most of the posts about it and can't find something that will help...
In my PHP file I have a SQL query
$group_sql = "INSERT INTO group (name, description, ownerEmail) VALUES ('$groupName', '$descrip', '$owner')";
that corresponds to a group table with three attributes: name, description, and owner email. $groupName, $descrip, $owner are three variables I have defined. I'm getting this syntax error when I try to run the query:
Error: INSERT INTO group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)' at line 1
Can someone please help me see what I'm doing wrong?
GROUP is a MySQL reserved keyword. If you name a table that, then you must wrap it in ticks:
$group_sql = "INSERT INTO `group` (name, description, ownerEmail)
VALUES ('$groupName', '$descrip', '$owner')";
Notice where SQL starts with the error and points to it?
>for the right syntax to use near 'group
> ^
This applies to both tables and columns.
Consult: http://dev.mysql.com/doc/refman/5.0/en/identifier-qualifiers.html
Here is my query
INSERT INTO faq (order, heading, content)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
I have a field before it called ID that I set to auto increment and INT
I get this error "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, heading, content) VALUES ('Order','Title','content')' at line 1"
Is there something I am missing, it works just fine if the ID field doesn't exist?
order is a sql keyword. You need to use backticks to escape the word order
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
Also you should escape those $_POST parameters instead of inserting them directly into your SQL query:
$order = mysql_real_escape_string($_POST['order']);
...
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$order','$heading','$content')
I'm trying to run this query:
INSERT INTO table_a (fb_uid, from, to, time) VALUES (12345,'blah','test','2012-12-13 11:30:00')
But I'm getting:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near
'from, to, time) VALUES (12345,'blah','test','2012-12-13 11:3' at line 1
The query seems fine to me, what is wrong with it?
Use backticks on your fields to prevent a conflict with MySQL reserved words:
INSERT INTO table_a (`fb_uid`, `from`, `to`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
In this case, from and to are the reserved words
See here for more information and a complete list of reserved words.
FROM and TO are reserved keyword,
INSERT INTO table_a (fb_uid, `from`, `to`, time)....
MySQL Reserved Keyword List
time is a restricted word, does this help:
INSERT INTO table_a (`fb_uid`, `x`, `y`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
Escaping everything to be sure.
I have a line of code in PHP as follows...
mysql_query("INSERT INTO `updates` (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
However I'm getting the following SQL syntax error...
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'update) VALUES ('14', '2012-05-06', 'Test update')' at line 1
If anyone could help me with this that would be great, perhaps it's obvious but I just can't see what's wrong here!
Change the query as below:
mysql_query("INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
This is because date and update are registered keywords in MySQL. We cannot use it directly in the query. We need to escape it.
date and update are reserved words in MySQL.
You can use:
"INSERT INTO `updates` (project_id, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
Though ideally you should never use a reserved word as an entity name. It offers no advantages, yet has a few minor disadvantages (for example, makes the SQL less portable).
Also, a fairly minor point, if project_id is an integer typed field, pass it an integer, not a string. Like:
INSERT INTO `updates` (project_id, `date`, `update`) VALUES ({$project}, '{$date}', '{$update}')
update is a keyword in SQL, encapsulate your mysql fields in backticks.
First and foremost Thing: you can not user mysql preserver word. When you use it, be ready to waste your hours in finding out error.
Here is the list of reserve words: DO NOT USE ANY AMONG IT
http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html
Second: Even if you want to dare to use preserved keyword. User table prefix or column prefix along with reserved keyword.
Third:
When ever you perform the database operations along php either quote each and every parameter where required or just user simple one.
i.e if you wish to quote db table columns than surround each column by quote
"INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
and if you don't quote then quote none of them
"INSERT INTO updates (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')"
Hope this would help you