Full error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
So it hasn't really told me much... Is there a way to find out more?
It has returned this message from two PHP files. Here are the first MySQL queries that I made in each file:
$query = mysql_query("SELECT * FROM `questions` WHERE `id`=".$currentId.";") or die( mysql_error() );
$query = mysql_query("SELECT * FROM `questions` WHERE `id`=".$theNextId.";") or die( mysql_error() );
There is PHP code before this though which opens the database etc.
Here is a similar problem: Link
Perhaps there an error in my concatenation?
Thanks.
$currentId is null or empty.
And don't forget about SQL-injection!
Remove semicolons. The docs say "the query string should not end with a semicolon".
It seems that your final ` (back-tick) character is missing.
Related
I am trying to update my database with php and for that I have written the following query :
$query = " UPDATE users SET username = '$username' , password = '$password' WHERE id = $id ";
and the error is shown as :
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use
near '' at line 1
can you please help..
“syntax to use near ‘something’” shows the first few characters after the last part of the query that MySQL could parse. When ‘something’ is a zero-length string like in this case, it means the query ended before it was complete. That points to $id being an empty string.
You didn’t ask for comments on whether your query has other severe problems that will certainly lead to cybercreeps pwning your web site, so I won’t offer any such comments. :-)
I'm getting these weird errors, and I've been up and down the code, commenting and rewriting, and googling all the things.
Perhaps you guys will see what I'm not seeing:
$mysqli = new mysqli('host','login','passwd','db');
if($mysqli->connect_errno > 0){ die('Cannot connect: '. $mysqli->connect_error); }
// See if there is one term or multiple terms
if (count($search) == 1) {
// If one term, search for that
$like = $search[0];
$stmt = "SELECT
gsa_committees.id,
gsa_committees.committee,
gsa_committees.appointer,
gsa_committees.representatives,
gsa_committees.contact,
gsa_committees.category,
gsa_committees.attachments,
gsa_committees.labels,
gsa_committee_reports.committee,
gsa_committee_reports.title,
gsa_committee_reports.author,
gsa_committee_reports.link,
gsa_funds.id,
gsa_funds.fund,
gsa_funds.attachments,
gsa_funds.labels,
gsa_meeting_minutes.title,
gsa_meeting_minutes.link,
gsa_officers.office,
gsa_officers.dept,
gsa_officers.name,
gsa_representatives.program_dept,
gsa_representatives.representatives,
gsa_representatives.alternate
FROM
gsa_committees,
gsa_committee_reports,
gsa_funds,
gsa_meeting_minutes,
gsa_officers,
gsa_representatives
WHERE
(gsa_committees.committee LIKE $like) AND
gsa_committees.committee IS NOT NULL";
}
if(!$result = $mysqli->query($stmt)){ die('Bad query: '. $mysqli->error); }
This gives me this error message:
Bad query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%ARCHAC%) AND gsa_committees.committee IS NOT NULL' at line 34
Which I know isn't true. If I change that las part to just this:
WHERE gsa_committees.committee LIKE $like";
I get this error message:
Bad query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%ARCHAC%' at line 34
Everywhere I've looked, the string "%".search."%" seems to be the correct method, but my server doesn't seem to like it here.
Interesting side note: I have a different LIKE statement working on another page on the same server, this just won't work for some reason.
Thanks!
Try putting single quotes around your search term ($like variable).
for example: (gsa_committees.committee LIKE '$like')
You need to wrap the variable in quotes for like to work:
WHERE gsa_committees.committee LIKE '$like';
See reference documentation on String Comparison Function.
it looks like missing quotes:
"WHERE gsa_committees.committee LIKE '$like' ";
Ok, I got it. The answer on this post solved my issue:
MYSQLI SQL query over multiple tables fail
As soon as I assigned the tables t1,t2,etc and did INNER JOIN, the results came in as expected, with %$search% or $search.
Thanks all!
So yesterday, this was working perfectly fine, I changed some other parts of the script, and now it's not. Can anyone tell me what looks wrong here? (The e-mail is just a random test.)
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE email='dskfj#idsfiosjd.asda''
$newemail = $formData["required"]["newemail"];
$email_check = mysql_query("SELECT * FROM $tbl_name WHERE email='$newemail'") or die(mysql_error());
$do_email_check = mysql_num_rows($email_check);
My guess is that you forgot or commented out the part of the code that sets $tbl_name.
The SQL engine is seeing select * from where . . . and getting an error on the where.
I think it has to do something with $tbl_name. Try to echo $tbl_name and see what you get.
Here's the function I created:
function get_phurl_option($option) {
$db_result = mysql_query("SELECT value FROM ".DB_PREFIX."options WHERE option = '$option'") or db_die(__FILE__, __LINE__, mysql_error());
$db_row = mysql_fetch_row($db_result);
return $db_row[0];
}
However, upon visiting a page that uses the function, I get the following error:
File: /usr/home/<removed>/includes/functions.php
Line: 28
Message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'option = 'shortcode_type'' at line 1
I'm not sure why this would be, I've tried apostrophes, speech marks, and backticks, neither of which seem to work. I can't figure out the problem here, so any help would be much appreciated.
option is a MySQL reserved word, so you need to enclose it in backticks
$db_result = mysql_query("SELECT value FROM ".DB_PREFIX."options WHERE `option` = '$option'")
The specified error usually means that the field you're attempting to access is invalid or reserved by MySQL. Make sure you escape all variables in backticks:
SELECT `value` FROM `".DB_PREFIX."options` WHERE `option` = '$option'
The exact error message is:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where rfflag='0'' at line 1
Hi,
I'm trying to get some php scripts working and it dies with the above error message. There are two locations where rfflag is used in the SQL query:
$_SESSION['lang']=$objTerm->my_get_one("select min(id) from "
.$objTerm->TABLE['languages']." where status='1' and rfflag='0'");
$rs_lang=$objTerm->execute_query("select id,language from "
.$objTerm->TABLE['languages']." where `status`='1' and `rfflag`='0'");
How do I determine which one is causing the problem? Or is the problem something else altogether?
Echo this:
"select id,language from ".$objTerm->TABLE['languages']." where status='1' and rfflag='0'"
and this:
"select min(id) from ".$objTerm->TABLE['languages']." where status='1' and rfflag='0'"
Then run execute each output in your favorite sql developer tool.
Errors will be displayed there.
How do I determine which one is causing the problem?
Remove one of the queries. See if it still happens.
On a secondary thought, I would suggest that you change your MySQL query code so, that it doesn't use die() to print out the error message. Use trigger_error or exceptions instead, this way you will automatically get a trace of which line caused it.
How do I determine which one is causing the problem?
use trigger_error() to output an error message.
I guess (I have to guess because you supply no code) that you are using die() to output an error.
if you change this bad practice function to trigger_error(), you will be able to see the line number, where error occurred.
If you add non only mysql_error() to it's output, but also query itself, you will be able to see the problem code too.
I guess $objTerm->TABLE['languages'] is undefined or does not have the value you’re expecting.
As sheeks06 has already suggested, just echo the query to see if everything is as expected:
$query = "select min(id) from "
.$objTerm->TABLE['languages']." where status='1' and rfflag='0'";
echo $query;
$_SESSION['lang']=$objTerm->my_get_one($query);
$query = "select id,language from "
.$objTerm->TABLE['languages']." where `status`='1' and `rfflag`='0'";
echo $query;
$rs_lang=$objTerm->execute_query($query);