laPistola Posted September 28, 2009 Share Posted September 28, 2009 Hello Im building an application and im building a function that controls all MySQL commands but when i test this function im getting the error Unknown column 'asa' in 'field list' but asa is a value and is in the value section of the command. I echo'd what the PHP code is using for the sql command and this is what it returned INSERT INTO customers (`cuid`,`country`,`website`) VALUES (`asa`,`United Kingdom`,`http://`) Which looks just as it should at the moment but still the error suggests its using the value asa as a column name? Here is the function code: <?php function doSQL($type,$tN,$goTo,$gtWid,$widV,$pk,$pkv,$database,$db) { // function type, table Name, Go to page, go to page with an ID call, ID Value, Target record, Record Value $columns = array(); $values = array(); foreach($_POST as $key => $value) { if ((!empty($value)) && (!empty($key)) && ($key!="insert") && ($key!="saveAdd") && ($Key!="saveClose")) { array_push($columns,"`".$key."`"); array_push($values,"`".$value."`"); } } if($type=="insert") { $sql = "INSERT INTO ".$tN." (".implode(",",$columns).") VALUES (".implode(",",$values).")"; mysql_select_db($database, $db); $results = mysql_query($sql, $db) or die(mysql_error()); $url = $_SERVER['SERVER_NAME']."/apps/$goTo"; if(!is_numeric($gtWid)) { $url .= "?".$gtWid."=".$widV; } header("Location: $url"); } else if ($type=="update") { $sql = "UPDATE ".$tN." SET "; foreach($_POST as $key => $value) { $sql .= "$key=$value, "; } $sql .= "WHERE $pk = $pkv"; // NEEDS HEADERS URLS! } } ?> PHP server is 5.2.8 MySQL server is 5.1.30 anyhelp to figure this one out would be great thank you. Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/ Share on other sites More sharing options...
PFMaBiSmAd Posted September 28, 2009 Share Posted September 28, 2009 Single-quotes ' are uses around string data. Back-ticks ` are used around table and column names that need special handling because they contain special characters or are a reserved word. Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926661 Share on other sites More sharing options...
Alex Posted September 28, 2009 Share Posted September 28, 2009 Change array_push($values,"`".$value."`"); to array_push($values,"'".$value."'"); String values should have either single or double quotations around them, not back-ticks. Edit: PFMaBiSmAd said it before me. Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926662 Share on other sites More sharing options...
laPistola Posted September 28, 2009 Author Share Posted September 28, 2009 ahh i see, i used back ticks incase the user used a reserved word, id the function that can check for them? Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926668 Share on other sites More sharing options...
Alex Posted September 28, 2009 Share Posted September 28, 2009 Because it's a string no entered data would have a conflict with any reserved words. Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926674 Share on other sites More sharing options...
laPistola Posted September 28, 2009 Author Share Posted September 28, 2009 ahh thank you, didn't know that Quote Link to comment https://forums.phpfreaks.com/topic/175869-solved-the-value-being-used-as-the-column-name/#findComment-926677 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.