larry29936 Posted April 5, 2020 Share Posted April 5, 2020 I have this at the top of my index.php: <?php session_start(); // start of script every time. // setup a path for all of your canned php scripts $php_scripts = '/home/larry/web/test/php/'; // a folder above the web accessible tree // load the pdo connection module require $php_scripts . 'PDO_Connection_Select.php'; require $php_scripts . 'GetUserIpAddr.php'; //******************************* // Begin the script here $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone")): { echo "Failed to connect to database" ; exit; } else: { $stmt = $pdo->prepare("INSERT INTO 'download' ('IP_ADDRESS', 'FILENAME') VALUES (?, ?"); $stmt->bindParam(1, $ip); $stmt->bindParam(2, $filename); $stmt->execute(); } endif; //exit(); ?> I'm getting the following error at the $pdo->prepare line: Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''download' ('IP_ADDRESS','FILENAME') VALUES (?, ?' at line 1 in /home/larry/web/test/public_html/index2.php:23 Stack trace: #0 /home/larry/web/test/public_html/index2.php(23): PDO->prepare('INSERT INTO 'do...') #1 {main} thrown in /home/larry/web/test/public_html/index2.php on line 23 I verified the format of the statement at https://www.w3schools.com/php/php_mysql_prepared_statements.asp but am unsure if it needs to be in the PDO_Connection_Select.php, or it belongs where I have it since the db is already connected. Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/ Share on other sites More sharing options...
Barand Posted April 5, 2020 Share Posted April 5, 2020 Remove the quotes from your table and column name identifiers. Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/#findComment-1576388 Share on other sites More sharing options...
larry29936 Posted April 5, 2020 Author Share Posted April 5, 2020 Thanks Barand, that took care of it. Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/#findComment-1576389 Share on other sites More sharing options...
larry29936 Posted April 5, 2020 Author Share Posted April 5, 2020 (edited) @Barand - if I need to execute this in the download section of my index.php, do I need the entire code block or can I just do something like this: $stmt->bindParam(2, $filename); $stmt->execute(); Edited April 5, 2020 by larry29936 Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/#findComment-1576390 Share on other sites More sharing options...
mac_gyver Posted April 5, 2020 Share Posted April 5, 2020 forget about all the bindParam calls. just supply an array of the values to the ->execute([$ip,$filename]) method call. if the filename is being changed, just call $stmt->execute([$ip,$filename]) again after each new value is assigned to $filename. Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/#findComment-1576391 Share on other sites More sharing options...
larry29936 Posted April 5, 2020 Author Share Posted April 5, 2020 So use this instead: $stmt = $pdo->prepare("INSERT INTO download (IP_ADDRESS, FILENAME) VALUES (?, ?)"); $stmt->execute([$ip,$filename]) ; Then anywhere I want to insert a row in the db, set $filename and run the execute statement? Quote Link to comment https://forums.phpfreaks.com/topic/310470-prepare-sql-statement-error/#findComment-1576392 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.