I'm a newbie and I've been trying for over an hour to solve this simple query:
mysql_query("INSERT INTO `tracks` (artistID, albumID, format, trackID, niceTitle, title, trackNumber, description, pictureURL, playCount) VALUES('$artistID', '$albumID[$i]', 'hq','$ID[0]', '$trackName', '$title', '$j', '$description', '$pictureURL', '$playCount'") or die(mysql_error());
I just get this error every time:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
I've done mysql_escape_string() on all variables too. Any ideas?
You are missing the final closing ):
mysql_query("INSERT INTO `tracks` (artistID, albumID, format, trackID, niceTitle, title, trackNumber, description, pictureURL, playCount) VALUES('$artistID', '$albumID[$i]', 'hq','$ID[0]', '$trackName', '$title', '$j', '$description', '$pictureURL', '$playCount')") or die(mysql_error());
You have no ending parenthesis ")" in your query
Related
$bzSendMail = mysqli_query($Connection, "INSERT INTO messages_inbox (from, towho, subject, text, rcvdat) VALUES ('$MyID', '$SenderID', '$subject', '$text' ,'$sentat')");
I'm trying to make this query works, but it keeps showing me the following error!
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, towho, subject, text, rcvdat) VALUES ('1', '2', 'd', 'd' ,'2014-09-07 17:0' at line 1
Anyone can help me?
you are using
FROM
as a column name in your table. You can use '' to specify the column name but it is always better not to use that kind of names as your column names.
$bzSendMail = mysqli_query($Connection, "INSERT INTO messages_inbox (`from`, `towho`, `subject`, `text`, `rcvdat`) VALUES ('$MyID', '$SenderID', '$subject', '$text' ,'$sentat')");
From is a key word in Mysql use backward quotes to skip this as follows
$bzSendMail = mysqli_query($Connection, "INSERT INTO messages_inbox (`from`, `towho`, `subject`, `text`, `rcvdat`) VALUES ('$MyID', '$SenderID', '$subject', '$text' ,'$sentat')");
from is a reserved word in sql. Make backticks around it.
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
Well I'm getting this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc,fb_title,fb_pic,fb_url,fb_desc) VALUES('', '', '', '', '', '', '', ''' at line 1
For the following code:
$sql="INSERT INTO page(title,css,favicon,charset,keywords,author,desc,fb_title,fb_pic,fb_url,fb_desc)
VALUES('$title', '$css', '$favicon', '$charset', '$keywords', '$author', '$desc', '$fb_title', '$fb_pic', '$fb_url', '$fb_desc')";
Everything looks fine to me.. what's wrong?
DESC is a reserved keyword. you should put it as `DESC` to escape it.
INSERT INTO page(title,css,favicon,charset,keywords,author,`desc`,fb_title,fb_pic,fb_url,fb_desc)
VALUES('$title', '$css', '$favicon', '$charset', '$keywords', '$author', '$desc', '$fb_title', '$fb_pic', '$fb_url', '$fb_desc')
Add Backtic around desc because its a reserve word
INSERT INTO page(title,css,favicon,charset,keywords,author,`desc`,fb_title,fb_pic,fb_url,fb_desc)
VALUES('$title', '$css', '$favicon', '$charset', '$keywords', '$author', '$desc', '$fb_title', '$fb_pic', '$fb_url', '$fb_desc')
DESC is a reserved keyword and you cannot have that as a column else surround it using a backtick operator .
Here..
$sql="INSERT INTO page(title,css,favicon,charset,keywords,author,desc,fb_t
------------^
Disclaimer: Stop using mysql_* functions as they are deprecated. Switch to MySQLi or PDO instead.
desc is reserved keyword of mysql
$sql="INSERT INTO page(`title`, `css`, `favicon`, `charset`, `keywords`, `author`,`desc`,`fb_title`,`fb_pic`,`fb_url`,`fb_desc`)
VALUES('$title', '$css', '$favicon', '$charset', '$keywords', '$author', '$desc', '$fb_title', '$fb_pic', '$fb_url', '$fb_desc')";
$to = '555';
$from = '555';
$message = 'stuff';
mysql_query("INSERT INTO `convo` (to, from, content)
VALUES ( '$to', '$from', '$message' )") or die(mysql_error());
I can't figure out what is wrong with my above simple query. What obvious thing am I missing?
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'to, from, content) VALUES ( '555', '555', 'stuff' )' at line 1
It looks like to is a MySQL reserved word.
Try
mysql_query("INSERT INTO `convo` (`to`, `from`, `content`) VALUES ( '$to', '$from', '$message' )") or die(mysql_error());
TO is a MySQL keyword. To fix this, wrap backticks around your to field.
mysql_query ("
INSERT INTO items
(index, name, description, given_by,
cost_to_tcs, starting_bid, auction_type)
VALUES
('{$index_number}','{$name}','{$description}','{$donated_by}',
NULL,'{$auction_type}','{$starting_bid}')
")
or die("3: " . mysql_error());
Errors with:
3: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''index', 'name', 'description', 'given_by', 'cost_to_tcs', 'starting_bid', 'auct' at line 1
Thanks for any help.
index is mysql Reserved keyword, wrap index with (back tick) `` `
INSERT INTO items
(`index`, `name`, `description`, `given_by`,
`cost_to_tcs`, `starting_bid`, `auction_type`)
Reserve key words
try like that:
mysql_query ("
INSERT INTO items (
`index`,
`name`,
`description`,
`given_by`,
`cost_to_tcs`,
`starting_bid`,
`auction_type`)
VALUES(
'$index_number',
'$name',
'$description',
'$donated_by',
NULL,
'$auction_type',
'$starting_bid')
")
or die("3: " . mysql_error());
also make sure to safe the data with mysql_real_escape_string();
There's gotta be something small I keep missing here, but I can't find it for the life of me.
$insert = mysql_query("INSERT INTO USERS
(`FBID`, `FIRST_NAME`, `LAST_NAME`, `GENDER`)
VALUES ('$fbid', '$firstName', '$lastName', '$gender')");
The error is:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
Any ideas?
You are not having variables correctly escaped. Use mysql_real_escape_string and code like this:
$insert = mysql_query("INSERT INTO USERS (`FBID`, `FIRST_NAME`, `LAST_NAME`, `GENDER`)
VALUES (
'".mysql_real_escape_string($fbid)."',
'".mysql_real_escape_string($firstName)."',
'".mysql_real_escape_string($lastName)."',
'".mysql_real_escape_string($gender)."'
)");
If the variables contain any quotes, they create the problem if you don't properly escape them.
Do any of your names contain single quotes?
Try writing out the value of the query to log/console/debug to ensure that it's what you expect.
Try wrapping your variables in {}.
'{$fbid}', '{$firstName}', '{$lastName}', '{$gender}'
Otherwise you are going to have to use string concatenation.
'".$fbid."','".$firstName."','"...
I'm assuming your variables already contain proper escaped data.
Try doing it like this:
$sql = <<EOL
INSERT INTO USERS (`FBID`, `FIRST_NAME`, `LAST_NAME`, `GENDER`)
VALUES ('$fbid', '$firstName', '$lastName', '$gender')
EOL;
$stmt = mysql_query($sql) or die("MySQL error: " . mysql_error());
This will preserve the query for you in $sql so you can echo it out elsewhere and see what was actually produced.