Here is my query
INSERT INTO faq (order, heading, content)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
I have a field before it called ID that I set to auto increment and INT
I get this error "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, heading, content) VALUES ('Order','Title','content')' at line 1"
Is there something I am missing, it works just fine if the ID field doesn't exist?
order is a sql keyword. You need to use backticks to escape the word order
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
Also you should escape those $_POST parameters instead of inserting them directly into your SQL query:
$order = mysql_real_escape_string($_POST['order']);
...
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$order','$heading','$content')
Related
I have two tables listed below:
Table: "wp_topic"
Table: "wp_default_topics"
What i am trying to do is copy all of the rows from wp_default_topics (except for ID) to wp_topic auto-increment from the new table (wp_default_topics).
I can use the below code to copy everything fine:
INSERT INTO wp_topic SELECT * FROM wp_default_topics
but i will end up wit the error "#1062 - Duplicate entry '28' for key 'PRIMARY'"
I have tried:
INSERT INTO wp_topic SELECT * FROM wp_default_topics ON DUPLICATE KEY UPDATE ID=VALUES(ID+1)
But end up with the error message:
"#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '+1)' at line 1"
and i have tried:
INSERT INTO wp_topic SELECT * FROM wp_default_topics ON DUPLICATE KEY UPDATE LAST_INSERT_ID(wp_topic.ID)
But i end up with the error message:
"#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '(wp_topic.ID)' at line 1"
I have also tried the below which i thought would work but unfortunately it does not.
INSERT INTO wp_topic SELECT (user_id, name, subject, company, date) FROM wp_default_topics
"#1241 - Operand should contain 1 column(s)"
I have tried a few variations of the above but without any luck could i get a pointer as to what i am missing here?
Thank You
David
You need to skip the id column when inserting, so you have to list all the columns explicitly, not use SELECT *
INSERT INTO wp_topic (user_id, name, subject, company, date)
SELECT user_id, name, subject, company, date
FROM wp_default_topics
Can't you just remove the id field from the select and insert?
INSERT INTO wp_topic (`user_id`, `name`, `subject`, `company`, `date`)
SELECT `user_id`, `name`, `subject`, `company`, `date` FROM wp_default_topics
Another slightly simpler way of writing the INSERT sub-select query that's been suggested already:
INSERT INTO wp_topic
SELECT NULL, user_id, name, subject, company, date FROM wp_default_topics;
I have a bunch of php files corresponding to an application I am writing, using MySQL for my database structure. I know this questions has been asked before but I've been through most of the posts about it and can't find something that will help...
In my PHP file I have a SQL query
$group_sql = "INSERT INTO group (name, description, ownerEmail) VALUES ('$groupName', '$descrip', '$owner')";
that corresponds to a group table with three attributes: name, description, and owner email. $groupName, $descrip, $owner are three variables I have defined. I'm getting this syntax error when I try to run the query:
Error: INSERT INTO group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group(name, description, ownerEmail) VALUES(hi, hi, test#example.com)' at line 1
Can someone please help me see what I'm doing wrong?
GROUP is a MySQL reserved keyword. If you name a table that, then you must wrap it in ticks:
$group_sql = "INSERT INTO `group` (name, description, ownerEmail)
VALUES ('$groupName', '$descrip', '$owner')";
Notice where SQL starts with the error and points to it?
>for the right syntax to use near 'group
> ^
This applies to both tables and columns.
Consult: http://dev.mysql.com/doc/refman/5.0/en/identifier-qualifiers.html
I have ths query, again i'm trying to pass from pop3 account to mysql database:
mysqli_query($con,"INSERT INTO procesa_emails (body_mail, uid_message, fecha, from, to, subject, message_id) VALUES ('".mysqli_real_escape_string($con,htmlentities(str_replace("'","",str_replace('"','',$message))))."','".mysqli_real_escape_string($con,htmlentities($uid_mess))."','".mysqli_real_escape_string($con,htmlentities($fecha))."','".mysqli_real_escape_string($con,htmlentities($from))."','".mysqli_real_escape_string($con,htmlentities($to))."','".mysqli_real_escape_string($con,htmlentities($subject))."','".mysqli_real_escape_string($con,htmlentities($mui))."')")or die(mysqli_error($con));
But It returns me:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, subject, message_id)
I tried with str_replace("'","",str_replace('"'.'')) But It also doesn't work
FROM is a reserved keyword. So, if you want to use that inside your query, you need to wrap it in backticks, like so:
mysqli_query($con,"
INSERT INTO procesa_emails (body_mail, uid_message, fecha, `from`, ...
Hope this helps!
I'm trying to run this query:
INSERT INTO table_a (fb_uid, from, to, time) VALUES (12345,'blah','test','2012-12-13 11:30:00')
But I'm getting:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near
'from, to, time) VALUES (12345,'blah','test','2012-12-13 11:3' at line 1
The query seems fine to me, what is wrong with it?
Use backticks on your fields to prevent a conflict with MySQL reserved words:
INSERT INTO table_a (`fb_uid`, `from`, `to`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
In this case, from and to are the reserved words
See here for more information and a complete list of reserved words.
FROM and TO are reserved keyword,
INSERT INTO table_a (fb_uid, `from`, `to`, time)....
MySQL Reserved Keyword List
time is a restricted word, does this help:
INSERT INTO table_a (`fb_uid`, `x`, `y`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
Escaping everything to be sure.
I have a line of code in PHP as follows...
mysql_query("INSERT INTO `updates` (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
However I'm getting the following SQL syntax error...
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'update) VALUES ('14', '2012-05-06', 'Test update')' at line 1
If anyone could help me with this that would be great, perhaps it's obvious but I just can't see what's wrong here!
Change the query as below:
mysql_query("INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
This is because date and update are registered keywords in MySQL. We cannot use it directly in the query. We need to escape it.
date and update are reserved words in MySQL.
You can use:
"INSERT INTO `updates` (project_id, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
Though ideally you should never use a reserved word as an entity name. It offers no advantages, yet has a few minor disadvantages (for example, makes the SQL less portable).
Also, a fairly minor point, if project_id is an integer typed field, pass it an integer, not a string. Like:
INSERT INTO `updates` (project_id, `date`, `update`) VALUES ({$project}, '{$date}', '{$update}')
update is a keyword in SQL, encapsulate your mysql fields in backticks.
First and foremost Thing: you can not user mysql preserver word. When you use it, be ready to waste your hours in finding out error.
Here is the list of reserve words: DO NOT USE ANY AMONG IT
http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html
Second: Even if you want to dare to use preserved keyword. User table prefix or column prefix along with reserved keyword.
Third:
When ever you perform the database operations along php either quote each and every parameter where required or just user simple one.
i.e if you wish to quote db table columns than surround each column by quote
"INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
and if you don't quote then quote none of them
"INSERT INTO updates (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')"
Hope this would help you