laPistola Posted September 28, 2009 Share Posted September 28, 2009 Hello Im building an application and im building a function that controls all MySQL commands but when i test this function im getting the error Unknown column 'asa' in 'field list' but asa is a value and is in the value section of the command. I echo'd what the PHP code is using for the sql command and this is what it returned INSERT INTO customers (`cuid`,`country`,`website`) VALUES (`asa`,`United Kingdom`,`http://`) Which looks just as it should at the moment but still the error suggests its using the value asa as a column name? Here is the function code: <?php function doSQL($type,$tN,$goTo,$gtWid,$widV,$pk,$pkv,$database,$db) { // function type, table Name, Go to page, go to page with an ID call, ID Value, Target record, Record Value $columns = array(); $values = array(); foreach($_POST as $key => $value) { if ((!empty($value)) && (!empty($key)) && ($key!="insert") && ($key!="saveAdd") && ($Key!="saveClose")) { array_push($columns,"`".$key."`"); array_push($values,"`".$value."`"); } } if($type=="insert") { $sql = "INSERT INTO ".$tN." (".implode(",",$columns).") VALUES (".implode(",",$values).")"; mysql_select_db($database, $db); $results = mysql_query($sql, $db) or die(mysql_error()); $url = $_SERVER['SERVER_NAME']."/apps/$goTo"; if(!is_numeric($gtWid)) { $url .= "?".$gtWid."=".$widV; } header("Location: $url"); } else if ($type=="update") { $sql = "UPDATE ".$tN." SET "; foreach($_POST as $key => $value) { $sql .= "$key=$value, "; } $sql .= "WHERE $pk = $pkv"; // NEEDS HEADERS URLS! } } ?> PHP server is 5.2.8 MySQL server is 5.1.30 anyhelp to figure this one out would be great thank you. Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/ Share on other sites More sharing options...
PFMaBiSmAd Posted September 28, 2009 Share Posted September 28, 2009 Single-quotes ' are uses around string data. Back-ticks ` are used around table and column names that need special handling because they contain special characters or are a reserved word. Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926661 Share on other sites More sharing options...
Alex Posted September 28, 2009 Share Posted September 28, 2009 Change array_push($values,"`".$value."`"); to array_push($values,"'".$value."'"); String values should have either single or double quotations around them, not back-ticks. Edit: PFMaBiSmAd said it before me. Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926662 Share on other sites More sharing options...
laPistola Posted September 28, 2009 Author Share Posted September 28, 2009 ahh i see, i used back ticks incase the user used a reserved word, id the function that can check for them? Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926668 Share on other sites More sharing options...
Alex Posted September 28, 2009 Share Posted September 28, 2009 Because it's a string no entered data would have a conflict with any reserved words. Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926674 Share on other sites More sharing options...
laPistola Posted September 28, 2009 Author Share Posted September 28, 2009 ahh thank you, didn't know that Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926677 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.