SocomNegotiator Posted February 10, 2009 Share Posted February 10, 2009 I have this code...it was working when I created the site like 3 months ago, but now it does not work. I get an error that says this "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1". Any help would be much appreciated. $res = mysql_query("SELECT * FROM `guide_order` WHERE user_id = '$userid' ORDER BY priority") or die('Error, query failed'); while($r = mysql_fetch_array($res)){ $db->query("INSERT INTO `order` (`order_number`,`pre_order_id` , `item_id` , `amount` , `user_id` ) VALUES (".$num.",".$r['id'].", ".$r['item_id'].", ".$r['amount'].", ".$r['user_id'].")") or die (mysql_error()); Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/ Share on other sites More sharing options...
The Little Guy Posted February 10, 2009 Share Posted February 10, 2009 Change this: "INSERT INTO `order` (`order_number`,`pre_order_id` , `item_id` , `amount` , `user_id` ) VALUES (".$num.",".$r['id'].", ".$r['item_id'].", ".$r['amount'].", ".$r['user_id'].")" To this: "INSERT INTO `order` (`order_number`,`pre_order_id` , `item_id` , `amount` , `user_id` ) VALUES ('".$num."','".$r['id']."', '".$r['item_id']."', '".$r['amount']."', '".$r['user_id']."')" Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759188 Share on other sites More sharing options...
PFMaBiSmAd Posted February 10, 2009 Share Posted February 10, 2009 One of the values is probably empty. You need to form your query in a variable so you can echo it to see what is in it. Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759190 Share on other sites More sharing options...
SocomNegotiator Posted February 10, 2009 Author Share Posted February 10, 2009 Ah thanks "The Little Guy" I hate all of this stupid stuff that php has!!! Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759191 Share on other sites More sharing options...
premiso Posted February 10, 2009 Share Posted February 10, 2009 I hate all of this stupid stuff that php has!!! Then why code in it if you hate it? Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759193 Share on other sites More sharing options...
Guest Posted February 10, 2009 Share Posted February 10, 2009 Ah thanks "The Little Guy" I hate all of this stupid stuff that php has!!! Hehe, all languages have quirks. Personally, I think this is one of the more manageable (and preventable) ones. Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759198 Share on other sites More sharing options...
PFMaBiSmAd Posted February 10, 2009 Share Posted February 10, 2009 If your fields are numeric, that change will only have the effect of inserting null/default values into the table. If you are expecting data values for each field, you need to find out why they are not being set by your script. Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759199 Share on other sites More sharing options...
The Little Guy Posted February 10, 2009 Share Posted February 10, 2009 If you don't use quotes around your values, MySQL will think that it is a command, so try and get in the habit of doing that. Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759200 Share on other sites More sharing options...
premiso Posted February 10, 2009 Share Posted February 10, 2009 If you don't use quotes around your values, MySQL will think that it is a command, so try and get in the habit of doing that. Not exactly true, numerical data, as PF pointed out, will be just fine. Yes, string values need to be surrounded with single quotes, or it is just in-proper syntax, and throws a syntax error. But from the error, it seems as though a value should be there, that is not. Which is due to poor validation techniques. As far as MySQL thinking it is a command, may be, but not all data needs 'single-quotes' around it Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759205 Share on other sites More sharing options...
The Little Guy Posted February 10, 2009 Share Posted February 10, 2009 I always do it, what can it hurt? I believe mysql will always treat the data as as an int even though it is sent as a string. I have had no problems doing math on the values afterward... Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759209 Share on other sites More sharing options...
premiso Posted February 10, 2009 Share Posted February 10, 2009 I always do it, what can it hurt? I believe mysql will always treat the data as as an int even though it is sent as a string. I have had no problems doing math on the values afterward... I am not saying it will cause problems, you can, by all means do it. Whether it is required or needed, no not really. And doing it without really fully understanding why could cause someone problems. As for me, I prefer to leave int's outside of quotes, so incase my form does screw up I get an error message about it. But that is just me being particular. Quote Link to comment https://forums.phpfreaks.com/topic/144685-solved-do-you-see-anything-wrong-with-this-piece-of-code/#findComment-759225 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.