We Keep Coding

how i can slove this error,SQLSTATE[42000]? [duplicate]

This question already has answers here:
MySQL Insert query doesn't work with WHERE clause
(31 answers)
Closed 2 years ago.
please help me to solve this error.i tired from searching solution...
error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE name=NULL' at line 1
my database have 3 column=id(int),name(varchar),comment(varchar) and i want insert comment to it.
my php code :
<?php
include "./Config.php";
include './MyPDO.php';
$response = array() ;
$connect = MyPDO::getInstance();
$name = $_REQUEST['name'];
$comment=$_REQUEST['comment'];
$query = " INSERT INTO user "
. " (comment) "
. " VALUES "
. " (:comment) "
. " WHERE name=:name ";
$stmt = $connect->prepare($query);
$stmt->bindParam(":name",$name);
$stmt->bindParam(":comment",$comment);
try {
$stmt->execute();
$response['massage'] = "sucess";
echo json_encode($response);
exit;
} catch (PDOException $ex) {
$response['massage'] = "error";
$response['error']=$ex->getMessage();
echo json_encode($response);
}

Looks like you mixed the syntax here. You seem to want to update an existing record. Use
update user
set comment = :comment
where name = :name
insert if for creating a new record.

The insert into ... values() syntax does not take a where clause.
If you want to insert, then:
insert into user(name, comment) values(:name, :comment)
But actually it looks like you might want an update:
update users set comment = :comment where name = :name;
The former creates a new record in the table, with the given name and comment.
The latter modifies the already-existing record that has the same name and sets its comment value.

Select date and set it in other language-multiple queries in single mysql statement in PHP [duplicate]

This question already has answers here:
php/mysql with multiple queries
(3 answers)
Closed 5 years ago.
I want to run 2 queries in one statement in a PHP page. First query converts the datetime to greek, especially the day.
$query displays the table in my page.
They work as 2 queries in my joomla plesk, mysql database with a delimiter. But not in PHP.
Query I want to implement, before the main query:
SET lc_time_names = 'el_GR'
$query = "SELECT start,DATE_FORMAT(registerdate,'%W %d %M %Y') AS registerdate FROM table1;"
$query2 = "SET lc_time_names = 'el_GR'"
I want it to run set lc time first, and then the query to display register date column. Can I do that in a single query, or 2 queries?
Regards.

You can do it in PHP too.
Take look at multiple statements in the PHP manual
Here is what your PHP code should look like:
$query = "setlocale(LC_TIME, 'el_GR.UTF-8');
SELECT start,
DATE_FORMAT(registerdate,'%W %d %M %Y') AS registerdate
FROM table1;";
$mysqli = new mysqli("example.com", "user", "password", "database");
if (!$mysqli->multi_query($query)) {
echo "Multi query failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
do {
if ($res = $mysqli->store_result()) {
var_dump($res->fetch_all(MYSQLI_ASSOC));
$res->free();
}
} while ($mysqli->more_results() && $mysqli->next_result());

Unable to delete from database using php [duplicate]

This question already has answers here:
delete * from table not working [closed]
(2 answers)
Clear data in MySQL table with PHP? [duplicate]
(7 answers)
Closed 7 years ago.
I am trying to delete entries from a mysql database by using a php file and for some reason it doesn't work. The connection (in "connect.php") works, as I am using the same file for my SELECT statements and those work. I am only having trouble with deleting them. Any ideas what I'm doing wrong?
Thanks in advance!
<?php
include "include/connect.php";
if($link === false){
die("ERROR: Could not connect. " . mysql_connect_error());
}
$word = (isset($_GET['email']) ? $_GET['email'] : null);
$sql = "DELETE * from tbl_sbs WHERE eml='" . word . "'";
$result = mysql_query($sql);
?>

You don't use * or column name for DELETE statement unless in WHERE clause for filtering purpose same as in SELECT statement. It should just be
$sql = "DELETE from tbl_sbs";
DELETE general syntax is
DELETE FROM TABLE_NAME WHERE COLUMN_NAME <comparison_operator> SOME_FILTER_CONDITION
So, in your case it should just be
$sql = "DELETE FROM tbl_sbs WHERE eml='" . $word . "'";
Error reporting would have thrown you an undefined constant word notice; IF that wasn't a typo in '" . word . "'.
The * and having checked for errors, would have thrown you the following:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '*
References:
https://dev.mysql.com/doc/refman/5.0/en/delete.html
http://php.net/manual/en/function.error-reporting.php
http://php.net/manual/en/function.mysql-error.php

And you must use the $ before a variable name (word)
$sql = "DELETE from tbl_sbs WHERE eml='" . $word . "'";

Mysql is not saving answer with ' character in it [duplicate]

This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How do I handle single quotes inside a SQL query in PHP?
Greeting ,
I have a small script which is used for applications and it saves questions answer into the database. The script is given below:
while(list($QKey,$QVal) = each($AppQuestions)) {
$result2= mysql_query("
INSERT INTO forum_app_answers (AID, AppID, Question, Answer)".
" VALUES (NULL, '$AppID', '$Questions[$QKey]', '$QVal')"
) or die(mysql_error());
Now the problem is that if someone write ' character in the answer , the data doesnt get saved. For simple writing its okay . The problem is only if the answer contains ' in it. any help will be highly appreciated tx
The following error occures:
You Have An Error In Your SQL Syntax; Check The Manual That Corresponds To Your MySQL Server Version For The Right Syntax To Use Near 's GF. Channel Services')' At Line 1

Use prepared statements. Look up PDO and use prepared statements.
mysql_ is deprecated.
After connecting with $dbh = new PDO(),
$sql = 'sql';
$stmt = $dbh->prepare($sql);
$stmt->execute($params);

do the following:
$QVal = $mysqli->real_escape_string($QVal);
$query = "INSERT INTO forum_app_answers (AID, AppID, Question, Answer)
VALUES (NULL, '$AppID', '$Questions[$QKey]', '$QVal')";
// $mysqli is previously defined
$mysqli->query($query);
if ($mysqli->errno !=0){
printf("you have an error in your query %s", $mysqli->error);
}

You may try:
while(list($QKey,$QVal) = each($AppQuestions)) {
$result2= mysql_query("
INSERT INTO forum_app_answers
(AID, AppID, Question, Answer)". "
VALUES (
NULL,
'$AppID',
'$Questions[$QKey]',
'". mysql_real_escape_string($QVal). "')
") or die(mysql_error());
Without mysql_real_escape_string() your script also has huge security issues.

Using PDO insert values in the limit clause of an SQL statement? [duplicate]

This question already has answers here:
How to apply bindValue method in LIMIT clause?
(11 answers)
Closed 7 years ago.
In my PDO implementation, I am attempting to use an inserted value in the limit clause of the SQL statement:
$sql = "SELECT * FROM table ORDER BY datetime DESC LIMIT :limit";
$params = array(":limit" => 5);
$query = $dbh->prepare($sql);
$query->execute($params);
$result = $query->fetchall(PDO::FETCH_ASSOC);
$params and $query are correctly returned, but $result is empty.
Upon running print_r($query->errorInfo);, I get the following:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''5'' at line 1
How can I use PDO's insert values in this query? Am I doing it right?

See PHP PDO bindValue in LIMIT
Basically, you need to cast the limit value to int using intval() when binding.

You cannot bind variables into LIMIT clause’s operand (exactly, it probably depends on your database system vendor). Instead, use just string interpolation. :-(
$limit = 5;
$sql = "SELECT * FROM table ORDER BY datetime DESC LIMIT $limit";
$stmt = $dbh->query($sql);
$result = $stmt->fetchall(PDO::FETCH_ASSOC);