I have ths query, again i'm trying to pass from pop3 account to mysql database:
mysqli_query($con,"INSERT INTO procesa_emails (body_mail, uid_message, fecha, from, to, subject, message_id) VALUES ('".mysqli_real_escape_string($con,htmlentities(str_replace("'","",str_replace('"','',$message))))."','".mysqli_real_escape_string($con,htmlentities($uid_mess))."','".mysqli_real_escape_string($con,htmlentities($fecha))."','".mysqli_real_escape_string($con,htmlentities($from))."','".mysqli_real_escape_string($con,htmlentities($to))."','".mysqli_real_escape_string($con,htmlentities($subject))."','".mysqli_real_escape_string($con,htmlentities($mui))."')")or die(mysqli_error($con));
But It returns me:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, subject, message_id)
I tried with str_replace("'","",str_replace('"'.'')) But It also doesn't work
FROM is a reserved keyword. So, if you want to use that inside your query, you need to wrap it in backticks, like so:
mysqli_query($con,"
INSERT INTO procesa_emails (body_mail, uid_message, fecha, `from`, ...
Hope this helps!
Related
I have a bunch of php files corresponding to an application I am writing, using MySQL for my database structure. I know this questions has been asked before but I've been through most of the posts about it and can't find something that will help...
In my PHP file I have a SQL query
$group_sql = "INSERT INTO group (name, description, ownerEmail) VALUES ('$groupName', '$descrip', '$owner')";
that corresponds to a group table with three attributes: name, description, and owner email. $groupName, $descrip, $owner are three variables I have defined. I'm getting this syntax error when I try to run the query:
Error: INSERT INTO group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)' at line 1
Can someone please help me see what I'm doing wrong?
GROUP is a MySQL reserved keyword. If you name a table that, then you must wrap it in ticks:
$group_sql = "INSERT INTO `group` (name, description, ownerEmail)
VALUES ('$groupName', '$descrip', '$owner')";
Notice where SQL starts with the error and points to it?
>for the right syntax to use near 'group
> ^
This applies to both tables and columns.
Consult: http://dev.mysql.com/doc/refman/5.0/en/identifier-qualifiers.html
Can someone tell me where I'm wrong with my request?
$sql = "INSERT INTO order (order_id,prod) VALUES ('','".$prod."')";
mysql_query($sql) or die ('Error SQL !'.$sql.'<br />'.mysql_error());
$_SESSION['orderid']=mysql_insert_id();
Here is my table configuration:
Columns for order table:
'order_id'=>int(11) auto_increment
'prod'=> varchar(20) utf8_general_ci
And this is the error message:
Error SQL !INSERT INTO order (order_id,prod) VALUES ('','xxx')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (order_id,prod) VALUES ('','xxx')' at line 1
Thank you
ORDER is a reserved keyword and happens to be the name of your column/table. To avoid syntax error, you need to escape it using backtick. E.g.
`ORDER`
MySQL Reserved Keywords List
If you have the privilege to alter the table, change the table name to which is not a reserved keyword to avoid problem from occurring again.
Waring: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.
Try this:
INSERT INTO `order` (order_id,prod) VALUES ('','".$prod."')
replace with this, just use single quote with table name
$sql = "INSERT INTO `order` (order_id,prod) VALUES ('','".$prod."')";
$insert="INSERT INTO order (order_id,prod) VALUES ('','".$prod."')";
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group, name, domain, status) VALUES ('19', 'Minecraft', 'Bukkit', 'Bukkit Basic'' at line 1
mysql_query("INSERT INTO products (id, server, group, name, domain, status)
VALUES ('".$productid."', '".$productserver."', '".$productgroup."',
'".$productname."', '".$productdomain."', '".$productstatus."')")
OR die(mysql_error());
I have rewritten the code 5 times.
group is a reserved word in MySQL. You have to escape it with backticks:
INSERT INTO products (id, server, `group`, name, domain, status) VALUES ...
use backticks (`) around column names when you use reserved keywords in query. group is a reserved keyword. So use `group`
See Reserved Words
Here is my query
INSERT INTO faq (order, heading, content)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
I have a field before it called ID that I set to auto increment and INT
I get this error "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, heading, content) VALUES ('Order','Title','content')' at line 1"
Is there something I am missing, it works just fine if the ID field doesn't exist?
order is a sql keyword. You need to use backticks to escape the word order
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
Also you should escape those $_POST parameters instead of inserting them directly into your SQL query:
$order = mysql_real_escape_string($_POST['order']);
...
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$order','$heading','$content')
I'm trying to run this query:
INSERT INTO table_a (fb_uid, from, to, time) VALUES (12345,'blah','test','2012-12-13 11:30:00')
But I'm getting:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near
'from, to, time) VALUES (12345,'blah','test','2012-12-13 11:3' at line 1
The query seems fine to me, what is wrong with it?
Use backticks on your fields to prevent a conflict with MySQL reserved words:
INSERT INTO table_a (`fb_uid`, `from`, `to`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
In this case, from and to are the reserved words
See here for more information and a complete list of reserved words.
FROM and TO are reserved keyword,
INSERT INTO table_a (fb_uid, `from`, `to`, time)....
MySQL Reserved Keyword List
time is a restricted word, does this help:
INSERT INTO table_a (`fb_uid`, `x`, `y`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
Escaping everything to be sure.