I'm trying to run this query:
INSERT INTO table_a (fb_uid, from, to, time) VALUES (12345,'blah','test','2012-12-13 11:30:00')
But I'm getting:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near
'from, to, time) VALUES (12345,'blah','test','2012-12-13 11:3' at line 1
The query seems fine to me, what is wrong with it?
Use backticks on your fields to prevent a conflict with MySQL reserved words:
INSERT INTO table_a (`fb_uid`, `from`, `to`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
In this case, from and to are the reserved words
See here for more information and a complete list of reserved words.
FROM and TO are reserved keyword,
INSERT INTO table_a (fb_uid, `from`, `to`, time)....
MySQL Reserved Keyword List
time is a restricted word, does this help:
INSERT INTO table_a (`fb_uid`, `x`, `y`, `time`) VALUES (12345,'blah','test','2012-12-13 11:30:00')
Escaping everything to be sure.
Related
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group, name, domain, status) VALUES ('19', 'Minecraft', 'Bukkit', 'Bukkit Basic'' at line 1
mysql_query("INSERT INTO products (id, server, group, name, domain, status)
VALUES ('".$productid."', '".$productserver."', '".$productgroup."',
'".$productname."', '".$productdomain."', '".$productstatus."')")
OR die(mysql_error());
I have rewritten the code 5 times.
group is a reserved word in MySQL. You have to escape it with backticks:
INSERT INTO products (id, server, `group`, name, domain, status) VALUES ...
use backticks (`) around column names when you use reserved keywords in query. group is a reserved keyword. So use `group`
See Reserved Words
I have ths query, again i'm trying to pass from pop3 account to mysql database:
mysqli_query($con,"INSERT INTO procesa_emails (body_mail, uid_message, fecha, from, to, subject, message_id) VALUES ('".mysqli_real_escape_string($con,htmlentities(str_replace("'","",str_replace('"','',$message))))."','".mysqli_real_escape_string($con,htmlentities($uid_mess))."','".mysqli_real_escape_string($con,htmlentities($fecha))."','".mysqli_real_escape_string($con,htmlentities($from))."','".mysqli_real_escape_string($con,htmlentities($to))."','".mysqli_real_escape_string($con,htmlentities($subject))."','".mysqli_real_escape_string($con,htmlentities($mui))."')")or die(mysqli_error($con));
But It returns me:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, subject, message_id)
I tried with str_replace("'","",str_replace('"'.'')) But It also doesn't work
FROM is a reserved keyword. So, if you want to use that inside your query, you need to wrap it in backticks, like so:
mysqli_query($con,"
INSERT INTO procesa_emails (body_mail, uid_message, fecha, `from`, ...
Hope this helps!
Here is my query
INSERT INTO faq (order, heading, content)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
I have a field before it called ID that I set to auto increment and INT
I get this error "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, heading, content) VALUES ('Order','Title','content')' at line 1"
Is there something I am missing, it works just fine if the ID field doesn't exist?
order is a sql keyword. You need to use backticks to escape the word order
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$_POST[order]','$_POST[heading]','$_POST[content]')
Also you should escape those $_POST parameters instead of inserting them directly into your SQL query:
$order = mysql_real_escape_string($_POST['order']);
...
INSERT INTO faq (`order`, `heading`, `content`)
VALUES ('$order','$heading','$content')
I have a line of code in PHP as follows...
mysql_query("INSERT INTO `updates` (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
However I'm getting the following SQL syntax error...
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'update) VALUES ('14', '2012-05-06', 'Test update')' at line 1
If anyone could help me with this that would be great, perhaps it's obvious but I just can't see what's wrong here!
Change the query as below:
mysql_query("INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')") or die(mysql_error());
This is because date and update are registered keywords in MySQL. We cannot use it directly in the query. We need to escape it.
date and update are reserved words in MySQL.
You can use:
"INSERT INTO `updates` (project_id, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
Though ideally you should never use a reserved word as an entity name. It offers no advantages, yet has a few minor disadvantages (for example, makes the SQL less portable).
Also, a fairly minor point, if project_id is an integer typed field, pass it an integer, not a string. Like:
INSERT INTO `updates` (project_id, `date`, `update`) VALUES ({$project}, '{$date}', '{$update}')
update is a keyword in SQL, encapsulate your mysql fields in backticks.
First and foremost Thing: you can not user mysql preserver word. When you use it, be ready to waste your hours in finding out error.
Here is the list of reserve words: DO NOT USE ANY AMONG IT
http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html
Second: Even if you want to dare to use preserved keyword. User table prefix or column prefix along with reserved keyword.
Third:
When ever you perform the database operations along php either quote each and every parameter where required or just user simple one.
i.e if you wish to quote db table columns than surround each column by quote
"INSERT INTO `updates` (`project_id`, `date`, `update`) VALUES ('{$project}', '{$date}', '{$update}')"
and if you don't quote then quote none of them
"INSERT INTO updates (project_id, date, update) VALUES ('{$project}', '{$date}', '{$update}')"
Hope this would help you
I cant find where my mistake is.
$result= mysql_query(" INSERT INTO inbox ( messages, from, to, date, control_panel_id, title )
VALUES( '".$message."' , '".$this->sender."' , '".$this->recipient."', NOW() , '".$this->control_panel_id."' , '".$title."' )
") or die(mysql_error());
I get:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, date, control_panel_id, title ) VALUES( ' ' at line 1
What am I doing which is wrong?
You need to quote reserved words like from when using them as names or aliases. You can do this by surrounding them with backticks, for example:
SELECT messages, `from`, ...
If in doubt, you can safely quote all column names.
INSERT INTO `inbox`
(`messages`, `from`, `to`, `date`, `control_panel_id`, `title`)
VALUES
-- etc...
Also, you may wish to consider avoiding names that are reserved worsd in future to avoid problems like this.
from is a reserved word in SQL. If that's a column name, you always have to enclose it in backticks. (Or double quotes for ANSI mode).
You could also write your mysql_query string less cumbersome by actually utilizing the double quotes:
$result = mysql_query("
INSERT INTO inbox
( messages, `from`, `to`, `date`,
control_panel_id, title )
VALUES
( '$message', '$this->sender', '$this->recipient',
NOW() , '$this->control_panel_id', '$title' )
")
or die(mysql_error());
(And contemporary PHP database interfaces would be even less effort, bla bla..)
Mysql not suppot some keyword as it used in mysql syntax so i think you have change
keywords from, to and date to other name...