I've been receiving this error.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'schoolPass = '300570'' at line 1.
please help here is my code for login.php.
<?php
session_start();
require_once '../cn.php';
require_once '../functions.php';
if (isset($_POST['email']) && ($_POST['password'])){
$email = sanitizeString($_POST['email']);
$pass = sanitizeString($_POST['password']);
$query = "SELECT schoolEmail,schoolPass FROM schools WHERE schoolEmail =
'$email' schoolPass = '$pass'";
$result = mysqli_query ($conn, $query) or die (mysqli_error($conn));
$count = mysqli_num_rows ($result);
if ($count == 1) {
echo "pwede na";
} else {
$err = "Invalid Log in Credentials";
};
if (isset($_SESSION['email'])){
$email = $_SESSION['email'];
echo ("hello.$email.");
};
} else {
echo "email/ password not set";
};
$conn->close();
?>
Replace your code line:
$query = "SELECT schoolEmail,schoolPass FROM schools WHERE schoolEmail =
'$email' schoolPass = '$pass'";
BY
$query = "SELECT schoolEmail,schoolPass FROM schools WHERE schoolEmail =
'$email' AND schoolPass = '$pass'";
$query = "
SELECT schoolEmail
, schoolPass
FROM schools
WHERE schoolEmail = '$email'
AND schoolPass = '$pass'
";
In between your two conditions on WHERE, it should be separated by an AND or an OR or a NOT.
Related
This is with php , PDO on MS Access .mdb with linux drivers , have this code :
$sql = "SELECT * FROM F_ART WHERE CODART = :id";
$result = $this->cache->get($sql . $id);
if(!$result){
$stm = $this->db->prepare($sql);
$stm->bindParam(':id',$id);
$stm->execute();
$result = $stm->fetchAll();
$this->cache->set($sql.$id,$result);
}
return $result;
which output this:
Error at Line : syntax error near ?
syntax error near ?
Got no result for 'SELECT * FROM F_ART WHERE CODART = ?' command
with normal query string it works :
$sql = "SELECT * FROM F_ART WHERE CODART ='" . $id . "'";
$result = $this->cache->get($sql . $id);
if (!$result) {
$result = $this->db->query($sql)->fetchAll();
$this->cache->set($sql.$id,$result);
}
return $result;
where is the problem?
I'm trying to get the mySQL update to work below and there's no console error but it doesn't reflect any changes I have made to the database.
Please let me know if i miss out anything.
Appreciate it very much.
table 1: nmc_cd
table 2: nmc_category
table 3: nmc_publisher
In this update php, it gets the values from the previous php and update the table.
<?php
header('Content-type: text/html; charset=iso-8859-1');
include 'database_conn.php'; // make db connection
$pCDTitle = filter_has_var(INPUT_GET, 'CDTitle') ? $_GET['CDTitle']: null; // store all parameter in variable
$pCDPubName = filter_has_var(INPUT_GET, 'CDPub') ? $_GET['CDPub']: null;
$pCDYear = filter_has_var(INPUT_GET, 'CDYear') ? $_GET['CDYear']: null;
$pCDCategory = filter_has_var(INPUT_GET, 'CDCat') ? $_GET['CDCat']: null;
$pCDPrice = filter_has_var(INPUT_GET, 'CDPrice') ? $_GET['CDPrice']: null;
$pCDID = filter_has_var(INPUT_GET, 'CDID') ? $_GET['CDID']: null;
$pCDPubID = filter_has_var(INPUT_GET, 'pubID') ? $_GET['pubID']: null;
$sql = "UPDATE nmc_cd "
. "SET nmc_cd.CDTitle='$pCDTitle',nmc_cd.CDYear='$pCDYear',nmc_cd.CDPrice='$pCDPrice',nmc_cd.catID='$pCDCategory',nmc_cd.pubID='$pCDPubName'"
. "WHERE nmc_cd.CDID='$pCDID'";
if ($conn->query($sql) === TRUE) {
echo "<b><font face='verdana' font sise='3' color='red'>Record updated successfully</font></b>";
$sql = "SELECT * FROM nmc_cd "
. "JOIN nmc_category ON (nmc_cd.catID = nmc_category.catID)"
. "JOIN nmc_publisher ON (nmc_cd.pubID = nmc_publisher.pubID)"
. "WHERE nmc_cd.CDID = '$pCDID'"; //Query Database
$result = mysqli_query($conn, $sql);
$row = mysqli_fetch_assoc($result);
$CDID = $row['CDID'];
$CDTitle = $row['CDTitle'];
$CDYear = $row['CDYear'];
$CDPrice = $row['CDPrice'];
$catDesc = $row['CDCat'];
$pubName = $row['CDPub'];
$location = $row['location'];
echo "<table>";
echo "<tr><th>Title</th><th>Year</th><th>Price</th><th>Catergory</th><th>Publisher</th><th>Location</th></tr>";
echo "<tr><td>".$row["CDTitle"]."</td><td> ".$row["CDYear"]."</td><td> ".$row["CDPrice"]."</td><td> ".$row["CatCD"]."</td><td> ".$row["CatPub"]."</td><td> ".$row["location"]."</td></tr>"; //Display Data Table Data
echo "</table";
mysqli_close($conn);
} else {
echo "<b><font face='verdana' color='red'>Error updating record!!!</font></b>" . $conn->error;
}
?>
I want to add record to a table which contain a picture. when i try to add, it shows me this error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' masalah = 'dsd' AND gambar = 'kerusi.JPG'' at line 1
so, here are the code
<?php
session_start();
include("Connections/connection.php");
$date = $_POST['date'];
$masalah = $_POST ['masalah'];
$gambar = $_POST ['gambar'];
$student_id = $_POST['student_id'];
$status = 'pending';
/*session yg di call tok lecturer tu*/
$student_id = "SELECT * FROM student WHERE student_id ='".$_SESSION['student_id']."'" ;
$result=mysql_query($student_id);
$getstudentid = mysql_fetch_assoc($result);
$student_id = $getstudentid['student_id'];
/*take 3 data from rc */
$sql = "SELECT * FROM aduan WHERE date = '$date', masalah = '$masalah' AND gambar = '$gambar' ";
$rr = mysql_query($sql) or die(mysql_error());
$tt = mysql_num_rows($rr);
if($tt > 0) {
header("Location: borang_aduan2.php?error=2");
} else { /*to check tarikh*/
$tarikh_user = strtotime($date);
$tarikh_harini = strtotime(date('Y-m-d'));
if($tarikh_user < $tarikh_harini) {
//error
header("Location: borang_aduan2.php?error=1");
} else {
//$No = $num_rows+1;
/*$sql_const = mysql_query ("Select MAX(user_name)as id from lecturer")or die (mysql_error());
$rows = mysql_fetch_array ($sql_const);
$id = $rows ['id'];*/
/*insert data*/
mysql_query("INSERT INTO aduan (date, masalah, gambar, student_id )
VALUES('$date','$masalah', '$gambar','$student_id')")
or die('Error: ' .mysql_error($conn));
echo "<script type='text/javascript'>
alert('Thanks make a report!')
location.href='borang_aduan2.php'
</script>";
}
//Freeing all memory associated with it
mysql_free_result($result);
//Closes specified connection
mysql_close($conn);
}
?>
Dont use "," in between two field selection criteria. So instead of:
SELECT * FROM aduan WHERE date = '$date',
^^
Use
SELECT * FROM aduan WHERE date = '$date' AND
I get following Error:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in......
Here is my query:
$result = mysql_query("SELECT * FROM users WHERE username = $user' AND password = '$pass'");
while($row = mysql_fetch_array($result))
{
$expire = time()+60*60*24*30;
setcookie("id", $row['id'], $expire);
echo "Logged in. as <b>.".$row['username']."</b>";
}
Seems you are missing a ' on the left side of $user in this (I have added it here):
$result = mysql_query("SELECT * FROM users WHERE username = '$user' AND password = '$pass'");
I'm simply trying to run a query using wpdb query and prepare statements.
On my page it returns:
[You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'myQuery' at line 1]
PHP Code:
<?php
$dirName1 = 'C:/wamp/www/c2c/wp-content/themes/flawless-v1-01';
$dirName2 = 'C:/wamp/www/c2c';
require_once($dirName1.'/config/setup.php');
require_once($dirName2.'/wp-config.php');
require_once($dirName2.'/wp-load.php');
$wpdb->show_errors();
$tableName = $wpdb->prefix . "user_orders";
$user = wp_get_current_user();
$userId = $user->ID;
$userName = $user->user_login;
// echo $tableName . ': ' . $userId . ': '. $userName;
// echo var_dump($tableName);
// echo var_dump($userId);
// echo var_dump($userName);
// These echo the correct formats for the prepare statement below
$myQuery = $wpdb->query(
$wpdb->prepare("
SELECT *
FROM $tableName
WHERE `user_id` = %d
AND `user_name` = %s",
$tableName,
$userId,
$userName)
);
$results = $wpdb->get_results(myQuery, ARRAY_A);
?>
You're missing the dollar sign before your variable name:
$results = $wpdb->get_results(myQuery, ARRAY_A);
should be
$results = $wpdb->get_results($myQuery, ARRAY_A);