I have a loop that inserts descriptions and thumbnails into a table, but not all the items in the loop have descriptions and thumbnails. I didn't think this was a problem, but sql won't insert it, unless they have a value. I thought it might be cause by the not null thing, so i tried to change "null" to "yes".
I set it to print out the executed query and the mysql error:
Query: INSERT INTO experiments (title, dir, desc, thumbnail) VALUES('3dbox', '3dbox', '', '')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, thumbnail) VALUES('3dbox', '3dbox', '', '')' at line 1
I've also tried this:
$d = #file_get_contents("/experiments/$sites[$i]/desc.txt") or false;
but that doesn't work either, as you can see in the query.
desc is a reserved word in Mysql. Hence, the error. You would need to change the column name to something else, or access it with backticks like this,
INSERT INTO experiments (title, dir, `desc`, thumbnail) VALUES('3dbox', '3dbox', '', '')
Here's the manual for reserved words.
desc is reserved in mysql and will have to be identified as:
INSERT INTO experiments (title, dir, `desc`, thumbnail) VALUES('3dbox', '3dbox', '', '')
You can not use "desc" as a column name because is a reserved word: http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html, you need to escape it: try changin your query to this:
INSERT INTO experiments (title, dir, `desc`, thumbnail) VALUES('3dbox', '3dbox', '', '');
Related
I am trying to do a simple INSERT, but I keep on getting this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM,TO,ID,CURRENCY1,CURRENCY2,AMOUNT,NOTE,RATE) VALUES('test', 'test2', 'dd', '' at line 2
Here is my code:
mysql_query("INSERT INTO WIRET
(FROM,TO,ID,CURRENCY1,CURRENCY2,AMOUNT,NOTE,RATE) VALUES('$from', '$to', '$ID', '$currency1', '$currency2', '$amount','$note', '$rate') ")
or die(mysql_error());
Why am I getting this error? I copied this script from another area of my site where it works, I just changed the values.
FROM is a reserved word in MySQL (and SQL in general). If you really have a column named FROM you should wrap it with ` (backticks) so the parser knows you mean a name:
INSERT INTO WIRET (`FROM`, TO, ID, CURRENCY1, ...
If your column is named from you have to put it into "`" (backticks) because FROM is also a SQL keyword.
By putting a keyword (FROMhere) into backticks you say "this is not a SQL keyword" to the DBMS.
Example:
INSERT INTO WIRET (`FROM`,TO,ID,...
i am simply inserting the data from a form using PHP into a MYSQL Table but i am getting an unusual error.My code is
$q1="insert into product (category,image,name,desc) values ('$cat','$pname','$name','$desc')";
$res1=$con->query($q1);
if($res1)
{
some logic;
}
else
{
echo "error";
}
i am unusually getting the else part executed even if the code is sytactically correct.i have checked and verified the values of all the PHP variables.i am using OOP style PHP for database connection.Also,on executing the query in PHPmyadmin too using random values i am getting the following error:
SQL query:
INSERT INTO Product( category, image, name, DESC )
VALUES (
'dsdsd', 'sddsd', 'sd', 'it is a nice'
)
MySQL said: Documentation
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc)
VALUES
('dsdsd','sddsd','sd','it is a nice')' at line 1
DESC is a reserved key word you need to use backticks as
INSERT INTO Product( category, image, name, `DESC` )
DESC Is a keyword in MySQL, You need to put that in Back ticks ``
INSERT INTO Product( category, image, name, `DESC` )
VALUES (
'dsdsd', 'sddsd', 'sd', 'it is a nice'
)
DESC is a mysql keyword. You need to use backtick like this:-
INSERT INTO Product( category, image, name, `DESC` )
I have a little problem inserting into a table, here is the code:
mysql_query("INSERT INTO admin_menu (id, title, type, icon, parent, url, order, append, module) VALUES('', 'powerpoint', '0', 'powerpoint.png', '0', 'powerpoint/config', '0', '0', '0' ) ") or die(mysql_error());
it gives me the following error:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'order, append, module) VALUES('', 'powerpoint', '0',
'powerpoint.png', '0', 'pow' at line 1
Any help would be greatly appreciated, thanks!
order is a reserved word. Wrap it in backticks
... url, `order`, append,...
You also shouldn't be using mysql_query.
Use of this extension is discouraged. Instead, the MySQLi or PDO_MySQL extension should be used.
you need to use backticks. order is reserved keyword.
mysql_query("INSERT INTO admin_menu (id, title, type, icon, parent, url, `order`, append, module)
I don't know what's wrong with my syntax, but I'm missing something:
$createrequest = mysql_query("INSERT INTO products_updates_queue (id, kid,
product_version_id, key, ip) VALUES ('$request_id', '$uid', '$version_id',
'$request_key', '$request_ip')");
I receive this error:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'key, ip) VALUES ('j4ctveyd0x62', '1', 'z451ah3', 'hqbyu7bhg8za', '64.134.163.2' at line 2"
Can anyone see what I am missing?
I think key is a reserved word, and you should avoid using it as a column name. Try using backticks around it:
$createrequest = mysql_query("INSERT INTO products_updates_queue (id, uid, product_version_id, `key`, ip) VALUES ('$request_id', '$uid', '$version_id', '$request_key', '$request_ip')");
key is a reserved word in MySQL. Avoid it, or wrap it in backticks.
Edit: And I hope you escaped the variables you're putting into that query.
I'm by no means experienced in mysql and keep getting an error in this lines of code:
$sql= "INSERT INTO songs (unique_show_id, artist, date, year, city, state, venue, taper, transfered_by, source, mic_loc, lineage, uploaded_by, uploaded_on, show_notes, show_xml)
VALUES('$showId', '$artist', '$showDate', '$year, '$city', '$state', '$venue', '$taper', '$transferer', '$source', '$mic_loc', '$lineage', '$uploader', NOW(), '$show_notes', '$show_xml')";
//check to see if the query went through
if (!mysql_query($sql,$con)){
echo "query fail";
die('Error: ' . mysql_error());
}
I'm sure it's something simplistic, but I can't see where the error is. The error message I get is:
query failError: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ipuhgbi', 'CA', '', '', '', '', '', '', 'danwoods', NOW(), '', '<show id=\'gm198' at line 2
Some of the values I'm inserting are NULL, but from what I've read I don't think that should be a problem. Any ideas?
Missing quote after $year.
When MySQL issues such an error (near bla di bla), the error is usually immediately before the string it mentions. In this case 'ipuhgbi' maps to $city, so you know it's right before '$city', and what do we see there? Voila, a missing quote.
You need to use mysql_real_escape_string() in each and every single one of your $variables.
Also, read this StackOverflow question carefully regarding SQL Injections.
It looks like the last single quote on the error line is not escaped.
you need to remember to sanitize all of the strings going into the query.
There are quite few things you need to be sure about:
You don't insert primary keys through queries (eg unique_show_id in your code)
For numbers you don't use single quotes.
It is better to use the set variant of inserting records which avoids count problems eg:
Use intval for numbers and mysql_real_escaps_string for strings to avoid injections issues as well as single quotes query erros.
insert into table set field='field_value', field2='field_value' // and so on