This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Whats wrong with this query mysql?
I am using mysql and php to update a record. Here is my code:
$n=mysql_query("UPDATE chondas SET model='$model1', yearstart=$yearstart1,
yearstop=$yearstop1, desc='$desc1', hp='$hp1',
engine='$engine1',trim='$trim1', weight='$weight1' WHERE id=$id1");
In the following code if I take out desc='$desc1' everything works perfectly. What would cause this error?
When i tested the following code in phpmyadmin I got this error:
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc='text of the textarea' at line 1.
DESC is a reserved word in mysql so you need to use backticks:
UPDATE chondas SET model='$model1', yearstart=$yearstart1, yearstop=$yearstop1, `desc`='$desc1', hp='$hp1', engine='$engine1',trim='$trim1', weight='$weight1' WHERE id=$id1
You should also switch to PDO (or mysqli) and prepared statements with bound variables to avoid potential sql injection.
DESC is a reserved word in MySQL.
Escape it with backticks
`desc` = '$desc1'
Your query won't run if you include the variable names in phpMyAdmin, such as:
UPDATE chondas SET model='$model1', yearstart=$yearstart1,
yearstop=$yearstop1, **desc='$desc1'**, hp='$hp1',
engine='$engine1',trim='$trim1', weight='$weight1' WHERE id=$id1
Also, the PHP won't run if you mix your "" and '' e.g: "UPDATE chondas SET model='$model1'...
Related
This question already has answers here:
how to add ` character to sql queries in cakephp 3
(2 answers)
Closed 4 years ago.
Here is my code:
$conn = \Cake\Datasource\ConnectionManager::get('default');
$conn->logQueries(true);
$entities[] = $this->patchEntity($entity, $insertData);
$this->saveMany($entities);
And its generating the following insert header:
INSERT INTO aneel_sdi_razao_sintetico (Ide_RO_Sintetico, Cd_ODI, Cd_SubODI, Txt_Desc_ODI, Nr_TI, Txt_Tipo_Obra, Txt_Class_Obra, Vl_UC/UAR, Vl_COM, Vl_Proj_ST, Vl_Mont_ST, Vl_Frete_ST, Vl_Fis_ST, Vl_Sup_ST, Vl_Ger_ST, Vl_Proj_MOP, Vl_Mont_MOP, Vl_Frete_MOP, Vl_Fis_MOP, Vl_Sup_MOP, Vl_Ger_MOP, Vl_Tot_CA, Vl_JOA, Vl_Outros, Vl_Tot_Proj, Dt_Ini_Proj, Dt_Energ, Dt_Uniti, Pct_OE, txt_PLPT_OE, txt_Doa_OE, txt_Incor_OE, Nr_Fases, SDI_importacoes_id) VALUES ...
And the following error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/UAR, Vl_COM, Vl_Proj_ST, Vl_Mont_ST, Vl_Frete_ST, Vl_Fis_ST, Vl_Sup_ST, Vl_Ger_' at line 1
The problem is the field "Vl_UC/UAR" must have this "/" and i don't know how to place the "`" character to make the MySQL accept it.
Someone know how to make it work?
If a column contains a / it needs to be quoted and the backtick is an subshell in PHP so:
\`Vl_UC/UAR\`
However its probably easier to rename the column.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 5 years ago.
I have problem. in my database, I have a column email. When I make SQL query I get following error:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '#gmail.com)' at line 1
This is my code:
$sql = "SELECT ID_Dijak from dijak WHERE (Email=".$mejl.")";
If I try to do query in php my admin it works if I put ' ' between my email, but how to do it in php? Thank you.
I'm sorry I made a mistake earlier... I tested this way and it should now work
$sql='SELECT ID_Dijak from dijak WHERE (Email = "' . $mejl . '")';
take datatype varchar() for email
I would suggest using a prepared statement in PHP, also to prevent injection attacks.
$stmt = $dbc->prepare("SELECT ID_Dijak from dijak WHERE Email=?");
$stmt->bind_param("s", $mejl);
$stmt->execute();
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 7 years ago.
I am making myself a website and I am onto the backend administration section, I'm currently stuck on submitting the details from a form into my database, however I keep getting the same error over and over again no matter what, which is:
Error:
You have an error in your SQL syntax; check the manual that corresponds to your >MySQL server version for the right syntax to use near 'Change) VALUES ('Connor', >'Connor')' at line 1
This is the code which is giving me the error (it connects perfectly to the database):
$query = "INSERT INTO changes (DevName,Change) VALUES ('$dev', '$changed')";
$a = mysql_query($query);
It keeps saying syntax error when I have been looking at other code, and it shows the exact same thing as the code that I have (except the variables of course).
That's cause Change is a reserve word in MySQL.. You will have to escape it using backtique.
The following works fine, otherwise explosions:
create table changes
( DevName varchar(100),
`Change` varchar(100)
);
insert changes(DevName,`Change`) values ('1','2');
Please don't use mysql_* methods because they are deprecated in PHP5.5 and removed in PHP7. Instead of that you should use PDO or mysqli
$sth = $dbh->prepare('INSERT INTO changes ('DevName', 'Change') VALUES (:dev, :changed)');
$sth->bindParam(':dev', $dev, PDO::PARAM_STR);
$sth->bindParam(':changed', $changed, PDO::PARAM_BOOL);
$sth->execute();
For more details about PDO visit site http://php.net/manual/en/book.pdo.php
This question already has an answer here:
How to insert into MySQL using a prepared statement with PHP [duplicate]
(1 answer)
Closed 9 years ago.
I'm getting the following error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' DStormr', 'ddo.png', 'Online:' at line 1`
The sql is the following:
"UPDATE articulo SET '".$nombre."', '".$imagen."', '".$text."', '".$precio."', '".$popup."', ".$genero_id.
" WHERE id=".$id"";
What am I missing/not seeing?
When you do an UPDATE you need to SET key = 'value'.
I have a Query That work in phpmyadmin but not work on php (mysqli)
where is the problem ?
Query:
INSERT INTO `SepidarSoft_Portal`.`Archive_Media` SET `CTime`='1364135670',`UTime`='1364135670',`PID`='',`State`='1',`Sequence`='0',`Subject`='Hojom Marg ( www.Parstafrih.ir )',`Text`='',`Description`='',`Definition`='',`KeyWord`='',`ETag`='',`Access`='',`LinkToPage`='',`Attachment`='[{\"Name\":null,\"Kind\":null,\"Size\":false,\"Address\":\"27\",\"More\":{\"Original\":1}}]',`STime`='0',`ETime`='0';
SET #LAST_ID:=LAST_INSERT_ID();
INSERT INTO `SepidarSoft_Portal`.`Archive_Media_MoreInfo` (`id`,`Key`,`Value`) VALUES (#LAST_ID,'Instrumental','1'),(#LAST_ID,'KindFile','صوتی'),(#LAST_ID,'Genre','نغمه'),(#LAST_ID,'SName','Amir Tajik ( www.Parstafrih.ir )'),(#LAST_ID,'Events','[[\"\"]]'),(#LAST_ID,'Album','( www.Parstafrih.ir )'),(#LAST_ID,'Composer',''),(#LAST_ID,'Adjustment',''),(#LAST_ID,'Subtitle','[object HTMLInputElement]'),(#LAST_ID,'Release','');
Error:
#1064 -You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SET #LAST_ID:=LAST_INSERT_ID();
1) I use php mysqli_multi_query for this
Your issue is simple.
Backticks ( ` ) are used to execute commands in php. That's why you're being given a syntax error. Replace them with single or double quotes within your mysqli functions.
Kindly read the following document and you should be sorted :)
Backticks on php.net