When using the below command
$query=$comm->prepare("DELETE FROM ? WHERE id = ?");
I am receiving the following error
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '? WHERE id = ?' at line 1
if i remove ? and replace it with table name the code is working properly. Please Help
? is used for parameters, which can change. Why are you using ? for the table name? It remains constant.
Table names cannot be parametrized. Since you supply the table name, and not the user (right?), it should be safe to concatenate/interpolate normally.
Related
I have this problem in PHP I can't solve:
$nIDEmp=$_GET["idEmp"];
$dniEmp=$_GET["dniEmp"];
$sql="UPDATE empleados
SET
dniEmp= coalesce($dniEmp, dniEmp) WHERE nIDEmp=$nIDEmp";
So, this SQL QUERY DO works, I tryied it into my database with no problems, BUT, SQL keeps throwing me the following error:
You have an error in your SQL syntax; check the manual that corresponds to your
MariaDB server version for the right syntax to use near ' dniEmp) WHERE nIDEmp=1' at line 3
I just can't figure out what i'm doing wrong.
Thank you in advance.
EDIT: I hardcoded NULL into the SQL QUERY and suddenly the code worked
SO, php isn't sending a null value to the sql query?
How do i solve this?
Solution: after doing the query, check (in PHP) for all the values to be null, if they are null, make the variable = "NULL" like the following:
$nIDEmp=$_GET["idEmp"];
$dniEmp=is_null($_GET["dniEmp"])?"NULL":$_GET["dniEmp"]; //<- Here is the solution
$sql="UPDATE empleados
SET
dniEmp= coalesce($dniEmp, dniEmp) WHERE nIDEmp=$nIDEmp";
Hello I try do a Update like this
$sql = "UPDATE info SET YES/NO = '$_POST[value]' WHERE ID = '$_POST[id]'";
I am getting this error:
Error updating record: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '/NO = 'YES' WHERE ID = '5'
I think this can be error from use SLASH on my database, If it is the problem how can i solve it?, thanks and i cant find any on google working for it.
Usualy, anything different than alphanumeric and underscore is not recommended.
Indeed, it is not a good practice to name a colomn like you did.
I will recommend you to rename the colomn yes_no otherwise, you will get the same error again, again and again.
I am trying to update my database with php and for that I have written the following query :
$query = " UPDATE users SET username = '$username' , password = '$password' WHERE id = $id ";
and the error is shown as :
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use
near '' at line 1
can you please help..
“syntax to use near ‘something’” shows the first few characters after the last part of the query that MySQL could parse. When ‘something’ is a zero-length string like in this case, it means the query ended before it was complete. That points to $id being an empty string.
You didn’t ask for comments on whether your query has other severe problems that will certainly lead to cybercreeps pwning your web site, so I won’t offer any such comments. :-)
I am using following Insert statement to insert Blob row read from one database into another. (there is data when i echo the same insert statement).
UPDATE:
"INSERT INTO co_registration_picture_evidence_blb
(_URI, _CREATOR_URI_USER, _CREATION_DATE, _LAST_UPDATE_URI_USER, _LAST_UPDATE_DATE,
_TOP_LEVEL_AURI, VALUE) VALUES('".$imageRow['_URI']."','".$imageRow['_CREATOR_URI_USER']."','"
.$imageRow['_CREATION_DATE']."','".$imageRow['_LAST_UPDATE_URI_USER']."','".
$imageRow['_LAST_UPDATE_DATE']."','".$imageRow['_TOP_LEVEL_AURI']."'".
$imageRow['VALUE']."')"
I get following error message.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3
Update: Now i get this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?PNG\r\n\Z\n\0\0\0\rIHDR\0\0\0?\0\0\0?\0\0\0????\0\0%iCCPICC Profile\0\0x??M' at line 3
Can anyone tell what's wrong with the syntax? my guess is that i should wrap VALUE column that is of type LongBlob (that holds an image) to some encoding function. (all data fields are already mysql_real_escape_string() filtered).
Any input would be really appreciated.
Regards.
You seem to be missing a , '
INSERT INTO co_registration_picture_evidence_blb
(_URI, _CREATOR_URI_USER, _CREATION_DATE, _LAST_UPDATE_URI_USER, _LAST_UPDATE_DATE,
_TOP_LEVEL_AURI, VALUE) VALUES('".$imageRow['_URI']."','".$imageRow['_CREATOR_URI_USER']."','"
.$imageRow['_CREATION_DATE']."','".$imageRow['_LAST_UPDATE_URI_USER']."','".
$imageRow['_LAST_UPDATE_DATE']."','".$imageRow['_TOP_LEVEL_AURI']."', '".
$imageRow['VALUE']."')
What did I change?
'".$imageRow['_TOP_LEVEL_AURI']."'".
'".$imageRow['_TOP_LEVEL_AURI']."', '".
hi im using mysqli and i saw some examples using placeholder like :something and ?
when i used ? its working, but when i used :something in query like this
$sql = INSERT INTO food(food_name)
VALUES(:food_name)
then error showed up when i called
$mysqli_object->prepare($sql);
error message sounds like this
User Error! You have an error in your
SQL syntax; check the manual that
corresponds to your MySQL server
version for the right syntax to use
near ':food_name)' at line
but when i used ? as the placeholder, everything working well, i used PHP 5.3.1 and MySQL 5.1.41
am i missed somewhere, any help will be appreciated thanks
mysqli does not support named placeholders.
PDO does, using either bindParam or execute.
(Careful, you can only use a named placeholder once per query. They aren't too incredibly useful.)