You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ','','','')' at line 2
i get the above error when running my php file.
my insert query is
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values(".$canvasId.",".$courseId.",'".$contextId."','".$email."','".$resourseid."')";
cns_id,course_id are integer datatype and context_id,email is varchar and resource_id is text datatype
I searched for the problem and tried adding mysql_real_escape_string
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values(".$canvasId.",".$courseId.",'".mysql_real_escape_string($contextId)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($resourseid)."')";
But still not working. i dont know where am mistaking.any help is greatly appreciated.Thanks.
Try This
$updateUserCanvas="insert into user_canvas(cns_id,course_id,context_id,email_id,resource_id) values('".$canvasId."','".$courseId."','".addslashes($contextId)."','".addslashes($email)."','".addslashes($resourseid)."')";
It's something wrong with your $courseId, it may be some string instead of int. Try this string:
$updateUserCanvas="insert into user_canvas (cns_id,course_id,context_id,email_id,resource_id) values ('{$canvasId}','{$courseId}','{$contextId}','{$email}','{$resourseid}')";
Related
I have this problem in PHP I can't solve:
$nIDEmp=$_GET["idEmp"];
$dniEmp=$_GET["dniEmp"];
$sql="UPDATE empleados
SET
dniEmp= coalesce($dniEmp, dniEmp) WHERE nIDEmp=$nIDEmp";
So, this SQL QUERY DO works, I tryied it into my database with no problems, BUT, SQL keeps throwing me the following error:
You have an error in your SQL syntax; check the manual that corresponds to your
MariaDB server version for the right syntax to use near ' dniEmp) WHERE nIDEmp=1' at line 3
I just can't figure out what i'm doing wrong.
Thank you in advance.
EDIT: I hardcoded NULL into the SQL QUERY and suddenly the code worked
SO, php isn't sending a null value to the sql query?
How do i solve this?
Solution: after doing the query, check (in PHP) for all the values to be null, if they are null, make the variable = "NULL" like the following:
$nIDEmp=$_GET["idEmp"];
$dniEmp=is_null($_GET["dniEmp"])?"NULL":$_GET["dniEmp"]; //<- Here is the solution
$sql="UPDATE empleados
SET
dniEmp= coalesce($dniEmp, dniEmp) WHERE nIDEmp=$nIDEmp";
I've been using this for loop to insert information into my database:
$values = array();
for($x=1;$x<=3;$x++){
$values[]= $_POST["FCKeditor".$x];
}
echo implode(",",$values);
$sql = "INSERT INTO virus (v1,v2,v3) VALUES(".implode(",",$values).")";
However, when I looked at the result on the webpage, it gave me this message:
a1
,b2
,c3
INSERT INTO virus (v1,v2,v3) VALUES(a1
,b2
,c3
)You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '>,b2
,c3
)' at line 1
Can someone help solve this issue?
Very likely the problem is the missing quotes, and you probably wanted something like the following for your values portion:
"'".implode("','",$values)."'"
Which gives you something like:
'abc','xyx','123'
Of course I am assuming that they are all of string type. If some are not, then you need to make sure strings are quoted and numbers are not etc.
The best is for sure to use place holders, then you do not need to go through this trouble at all.
I am using following Insert statement to insert Blob row read from one database into another. (there is data when i echo the same insert statement).
UPDATE:
"INSERT INTO co_registration_picture_evidence_blb
(_URI, _CREATOR_URI_USER, _CREATION_DATE, _LAST_UPDATE_URI_USER, _LAST_UPDATE_DATE,
_TOP_LEVEL_AURI, VALUE) VALUES('".$imageRow['_URI']."','".$imageRow['_CREATOR_URI_USER']."','"
.$imageRow['_CREATION_DATE']."','".$imageRow['_LAST_UPDATE_URI_USER']."','".
$imageRow['_LAST_UPDATE_DATE']."','".$imageRow['_TOP_LEVEL_AURI']."'".
$imageRow['VALUE']."')"
I get following error message.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3
Update: Now i get this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?PNG\r\n\Z\n\0\0\0\rIHDR\0\0\0?\0\0\0?\0\0\0????\0\0%iCCPICC Profile\0\0x??M' at line 3
Can anyone tell what's wrong with the syntax? my guess is that i should wrap VALUE column that is of type LongBlob (that holds an image) to some encoding function. (all data fields are already mysql_real_escape_string() filtered).
Any input would be really appreciated.
Regards.
You seem to be missing a , '
INSERT INTO co_registration_picture_evidence_blb
(_URI, _CREATOR_URI_USER, _CREATION_DATE, _LAST_UPDATE_URI_USER, _LAST_UPDATE_DATE,
_TOP_LEVEL_AURI, VALUE) VALUES('".$imageRow['_URI']."','".$imageRow['_CREATOR_URI_USER']."','"
.$imageRow['_CREATION_DATE']."','".$imageRow['_LAST_UPDATE_URI_USER']."','".
$imageRow['_LAST_UPDATE_DATE']."','".$imageRow['_TOP_LEVEL_AURI']."', '".
$imageRow['VALUE']."')
What did I change?
'".$imageRow['_TOP_LEVEL_AURI']."'".
'".$imageRow['_TOP_LEVEL_AURI']."', '".
Maybe it's my query, but I don't think so. I'm attempting to import messages parsed from an mbox format into MySQL, but MySQL fails when I do it through PHP or manually through phpMyAdmin. Any thoughts?
$sql='INSERT INTO `listserv_mbox` ("message-id", "mbox")
VALUES ("'.mysql_real_escape_string($structure->headers['message-id']).'"
,"'.mysql_real_escape_string($message_base64).'")';
// Run our MySQL query
$db->Execute($sql);
This code looks correct to me, so I'm totally lost on why I cannot import this data for whatever reason. The error I keep getting is:
1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"message-id", "mbox") VALUES ("<012c01c69c88$98e38250$31780b4b#dtadavid>","RnJvb' at line 1
The query looks like this. I couldn't get it to work before, so I decided to try base64_encode() on the message itself, but still it doesn't work. Here's the base64_encod()'d query.
INSERT INTO `listserv_mbox` ("message-id", "mbox")
VALUES ("<012c01c69c88$98e38250$31780b4b#dtadavid>"
,"RnJvbSBkYXZpZC53YWxsaXNAZHRhaG91LmNvbSBGcmkgSnVuIDMwIDE1OjA3OjQyIDIwMDYKUmVjZWl2ZWQ6IGZyb20gbWFpbC5kdGFob3UuY29tIChtYWlsLmR0YWhvdS5jb20gWzY1LjM4LjExMC4yMjFdKQoJYnkgbG9jYWxob3N0LmxvY2FsZG9tYWluICg4LjEyLjgvOC4xMi44KSB3aXRoIEVTTVRQIGlkIGs1VUs3Z1h1MDIyMTEwCglmb3IgPGFwZGYtZGlzY3Vzc2lvbnNAbGlzdHMuYWFwZGYub3JnPjsKCUZyaSwgMzAgSnVuIDIwMDYgMTU6MDc6NDIgLTA1MDAKeC1maWx0ZXJlZDogMQpSZWNlaXZlZDogZnJvbSBsb2NhbC1pcFt4LngueC54XSBieSBtYWlsMS5kdGFob3UubG9jYWw7CiAgICAgRnJpLCAzMCBKdW4gMjAwNiAxNjowNDo0NCAtMDUwMApNZXNzYWdlLUlEOiA8MDEyYzAxYzY5Yzg4JDk4ZTM4MjUwJDMxNzgwYjRiQGR0YWRhdmlkPgpGcm9tOiA8ZGF2aWQud2FsbGlzQGR0YWhvdS5jb20+ClRvOiA8YXBkZi1kaXNjdXNzaW9uc0BsaXN0cy5hYXBkZi5vcmc+CkRhdGU6IEZyaSwgMzAgSnVuIDIwMDYgMTY6MDM6MTEgLTA1MDAKTUlNRS1WZXJzaW9uOiAxLjAKQ29udGVudC1UeXBlOiBtdWx0aXBhcnQvYWx0ZXJuYXRpdmU7Cglib3VuZGFyeT0iLS0tLT1fTmV4dFBhcnRfMDAwXzAxMjlfMDFDNjlDNUUuQUZGMDdDNzAiClgtUHJpb3JpdHk6IDMKWC1NU01haWwtUHJpb3JpdHk6IE5vcm1hbApYLU1haWxlcjogTWljcm9zb2Z0IE91dGxvb2sgRXhwcmVzcyA2LjAwLjI5MDAuMjg2OQpYLU1pbWVPTEU6IFByb2R1Y2VkIEJ5IE1pY3Jvc29mdCBNaW1lT0xFIFY2LjAwLjI5MDAuMjg2OQpTdWJqZWN0OiBbQXBkZi1kaXNjdXNzaW9uc10gdGVzdApYLUJlZW5UaGVyZTogYXBkZi1kaXNjdXNzaW9uc0BsaXN0cy5hYXBkZi5vcmcKWC1NYWlsbWFuLVZlcnNpb246IDIuMQpQcmVjZWRlbmNlOiBsaXN0ClJlcGx5LVRvOiBkYXZpZC53YWxsaXNAZHRhaG91LmNvbQpMaXN0LUlkOiA8YXBkZi1kaXNjdXNzaW9ucy5saXN0cy5hYXBkZi5vcmc+Ckxpc3QtVW5zdWJzY3JpYmU6IDxodHRwOi8vbGlzdHMuYWFwZGYub3JnL21haWxtYW4vbGlzdGluZm8vYXBkZi1kaXNjdXNzaW9ucz4sCgk8bWFpbHRvOmFwZGYtZGlzY3Vzc2lvbnMtcmVxdWVzdEBsaXN0cy5hYXBkZi5vcmc/c3ViamVjdD11bnN1YnNjcmliZT4KTGlzdC1BcmNoaXZlOiA8aHR0cDovL2xpc3RzLmFhcGRmLm9yZy9tYWlsbWFuL3ByaXZhdGUvYXBkZi1kaXNjdXNzaW9ucz4KTGlzdC1Qb3N0OiA8bWFpbHRvOmFwZGYtZGlzY3Vzc2lvbnNAbGlzdHMuYWFwZGYub3JnPgpMaXN0LUhlbHA6IDxtYWlsdG86YXBkZi1kaXNjdXNzaW9ucy1yZXF1ZXN0QGxpc3RzLmFhcGRmLm9yZz9zdWJqZWN0PWhlbHA+Ckxpc3QtU3Vic2NyaWJlOiA8aHR0cDovL2xpc3RzLmFhcGRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FwZGYtZGlzY3Vzc2lvbnM+LAoJPG1haWx0bzphcGRmLWRpc2N1c3Npb25zLXJlcXVlc3RAbGlzdHMuYWFwZGYub3JnP3N1YmplY3Q9c3Vic2NyaWJlPgpYLUxpc3QtUmVjZWl2ZWQtRGF0ZTogRnJpLCAzMCBKdW4gMjAwNiAyMDowNzo0MiAtMDAwMAoKVGhpcyBpcyBhIG11bHRpLXBhcnQgbWVzc2FnZSBpbiBNSU1FIGZvcm1hdC4KCi0tLS0tLT1fTmV4dFBhcnRfMDAwXzAxMjlfMDFDNjlDNUUuQUZGMDdDNzAKQ29udGVudC1UeXBlOiB0ZXh0L3BsYWluOwoJY2hhcnNldD0iaXNvLTg4NTktMSIKQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzogcXVvdGVkLXByaW50YWJsZQoKdGhpcyBpcyBhIHRlc3QKLS0tLS0tPV9OZXh0UGFydF8wMDBfMDEyOV8wMUM2OUM1RS5BRkYwN0M3MApDb250ZW50LVR5cGU6IHRleHQvaHRtbDsKCWNoYXJzZXQ9Imlzby04ODU5LTEiCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IHF1b3RlZC1wcmludGFibGUKCjwhRE9DVFlQRSBIVE1MIFBVQkxJQyAiLS8vVzNDLy9EVEQgSFRNTCA0LjAgVHJhbnNpdGlvbmFsLy9FTiI+CjxIVE1MPjxIRUFEPgo8TUVUQSBodHRwLWVxdWl2PTNEQ29udGVudC1UeXBlIGNvbnRlbnQ9M0QidGV4dC9odG1sOyA9CmNoYXJzZXQ9M0Rpc28tODg1OS0xIj4KPE1FVEEgY29udGVudD0zRCJNU0hUTUwgNi4wMC4yOTAwLjI5MTIiIG5hbWU9M0RHRU5FUkFUT1I+CjxTVFlMRT48L1NUWUxFPgo8L0hFQUQ+CjxCT0RZIGJnQ29sb3I9M0QjZmZmZmZmPgo8RElWPjxGT05UIGZhY2U9M0RBcmlhbCBzaXplPTNEMj50aGlzIGlzIGEgPQp0ZXN0PC9GT05UPjwvRElWPjwvQk9EWT48L0hUTUw+CgotLS0tLS09X05leHRQYXJ0XzAwMF8wMTI5XzAxQzY5QzVFLkFGRjA3QzcwLS0=")
INSERT INTO `listserv_mbox` ("message-id", "mbox"
That should be
INSERT INTO `listserv_mbox` (`message-id`, `mbox`
` instead of "
Maybe value is just too long for type of field "message_id"
hi im using mysqli and i saw some examples using placeholder like :something and ?
when i used ? its working, but when i used :something in query like this
$sql = INSERT INTO food(food_name)
VALUES(:food_name)
then error showed up when i called
$mysqli_object->prepare($sql);
error message sounds like this
User Error! You have an error in your
SQL syntax; check the manual that
corresponds to your MySQL server
version for the right syntax to use
near ':food_name)' at line
but when i used ? as the placeholder, everything working well, i used PHP 5.3.1 and MySQL 5.1.41
am i missed somewhere, any help will be appreciated thanks
mysqli does not support named placeholders.
PDO does, using either bindParam or execute.
(Careful, you can only use a named placeholder once per query. They aren't too incredibly useful.)