I have this INSERT query:

 

$sql2 = "INSERT INTO hub_change (pilotID, from, to, reason, expDate) VALUES ('$pilotid', '$oldHub', '$newHub', '$reason', '$expDate')";

 

And I always get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, reason, expDate) VALUES ('1', '2', '3', '4', '5')' at line 1

 

What's wrong with it, anyone know? Thanks!

https://forums.phpfreaks.com/topic/243453-whats-wrong-with-this-query/

You are wrapping integer values within quotes, thus making them strings. This will not please your database if the fields are set to int; take the quotes out. Also, your actual error is coming from the fact that you have named a column in your table "from". This is a reserved word. You will either have to rename the column (recommended) or put backticks around the column title to tell your database not to process this as it normally would.

Final result using backticks should be:

INSERT INTO hub_change (pilotID, `from`, `to`, reason, expDate) VALUES ($pilotid, '$oldHub', '$newHub', '$reason', '$expDate')

 

I have only removed the single quotes from $pilotid, as I expect that the others are possibly varchar/text/date fields that you are entering numerical values into as test data. If they are not, then you will need to remove the quotes from those values as well.

Make a habit of adding (`) around table fields in queries. But before that you should understand database design, because you should not use (from) as a field name. DO NOT USE a reserved keyword as a field name.

 

If you do not use reserved words then there is absolutely no need to use backticks either. Why should anyone get into that habit?

You are wrapping integer values within quotes, thus making them strings. This will not please your database if the fields are set to int; take the quotes out.

But if you're not quoting your literals, you will be open to injection attacks.

Make a habit of adding (`) around table fields in queries. But before that you should understand database design, because you should not use (from) as a field name. DO NOT USE a reserved keyword as a field name.

 

I would be inclined to say to never use a back tick around field names, etc. That way mistakenly using a reserved word for a field name is obvious as early as possible and can be changed to something less likely to cause issues before much code has been written.

 

All the best

 

Keith
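
The two concerns raised in this thread (reserved column names and quoting of literals) handled together, as an added example that is not part of any post: a PDO prepared statement with `from` and `to` backtick-quoted and every value bound as a parameter. The in-memory SQLite DSN, the column types and the function name recordHubChange are assumptions made so the script runs without a server; against MySQL only the DSN changes.

```php
<?php
// Added example, not code from the thread. In-memory SQLite stands in for
// MySQL (assumption) so this runs offline; column types are assumed too.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// `from` and `to` are both reserved words, so both are backtick-quoted.
$pdo->exec(
    'CREATE TABLE hub_change (
        pilotID INTEGER NOT NULL,
        `from`  TEXT NOT NULL,
        `to`    TEXT NOT NULL,
        reason  TEXT NOT NULL,
        expDate TEXT NOT NULL
    )'
);

/**
 * Insert one hub change (hypothetical helper). Values travel as bound
 * parameters and never become part of the SQL text, so whether a literal
 * is quoted or not stops being a security decision.
 */
function recordHubChange(PDO $pdo, int $pilotId, string $oldHub,
                         string $newHub, string $reason, string $expDate): void
{
    $stmt = $pdo->prepare(
        'INSERT INTO hub_change (pilotID, `from`, `to`, reason, expDate)
         VALUES (:pilotID, :oldHub, :newHub, :reason, :expDate)'
    );
    $stmt->bindValue(':pilotID', $pilotId, PDO::PARAM_INT); // integer stays an integer
    $stmt->bindValue(':oldHub',  $oldHub);
    $stmt->bindValue(':newHub',  $newHub);
    $stmt->bindValue(':reason',  $reason);
    $stmt->bindValue(':expDate', $expDate);
    $stmt->execute();
}

// Constructed sample input: the apostrophe in the reason would end the string
// literal early in a query built by interpolating variables into the SQL.
$reason = "pilot's own request";
recordHubChange($pdo, 1, 'HUB-A', 'HUB-B', $reason, '2011-08-01');

// Read the row back and confirm the value was stored unchanged.
$row = $pdo->query('SELECT * FROM hub_change')->fetch(PDO::FETCH_ASSOC);
var_dump($row['reason'] === $reason);
var_dump($row['from'], $row['to']);
```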
