I'm using MySqlCommand for perform query insert in my vb.net application, now I've this query:
UPDATE primo_appointments SET
book_datetime = #parameter1,
start_datetime = #parameter2,
end_datetime = #parameter3,
notes = #parameter4,
hash = #parameter5,
is_unavailable = #parameter6
WHERE hash = xqA5jdsFBLPTrvy5kKHfgXBZdv9Hs2Ld
AND lastUpdated = 12-01-2016 15:53:47.3978486
when I do: .ExecuteNonQuery() this error appear:
you have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '15:53:47.3978486' at line 1.
What is wrong?
Your lastUpdated and hash is not enclosed in single quotes which is the cause of your error.
The fix for this is not to enclose it in quotes, but to use a parameter for these values as well as the others:
UPDATE primo_appointments SET
book_datetime = #parameter1,
start_datetime = #parameter2,
end_datetime = #parameter3,
notes = #parameter4,
hash = #parameter5,
is_unavailable = #parameter6
WHERE hash = #oldHashString
AND lastUpdated = #lastUpdatedDate
When you use a parameterised list, you don't have to remember whether a field needs to be surrounded by quotes or not - this is handled for you. It also protects you from SQL injection attacks.
your varchar should between 2 ', you query should be:
UPDATE primo_appointments SET book_datetime = #parameter1,
start_datetime = #parameter2, end_datetime = #parameter3,
notes = #parameter4, hash = #parameter5, is_unavailable = #parameter6
WHERE hash = 'xqA5jdsFBLPTrvy5kKHfgXBZdv9Hs2Ld'
AND lastUpdated = '12-01-2016 15:53:47.3978486'
Related
here's the generated query:
UPDATE namelist
SET 'submitterName' = 'Jim'
,'actorName' = 'dingle'
,'setYear' = '1103'
,'country' = 'tanata'
,'blink' = 'on'
,'crush' = 'on'
,'initialize' = 'on'
,'entered' = 'on'
,'stuck' = 'on'
,'catapult' = 'on'
,'ruck' = 'on'
WHERE id = 31
it generates this (less than helpful) error:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near (query snippet) at line 1
for the life of me, i can't spot where the problem is. yes, column names match, yes
TIA for helping out.
WR!
You have used single quotes before and after columns in the query, replace those single quotes with backquotes.
So the query like
UPDATE namelist
SET `submitterName`='Jim',
`actorName`='dingle',
`setYear`='1103',
`country`='tanata',
`blink`='on',
`crush`='on',
`initialize`='on',
`entered`='on',
`stuck`='on',
`catapult`='on',
`ruck`='on'
WHERE id=31;
user ` instead of '
like this
UPDATE namelist SET `submitterName`='Jim',`actorName`='dingle',`setYear`='1103',`country`='tanata',`blink`='on',`crush`='on',`initialize`='on',`entered`='on',`stuck`='on',`catapult`='on',`ruck`='on' WHERE id=31
I'm getting an error about my query, and i'm not understanding what the problem might be. The error i get is
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'range = '55', atkspeed = '0.95', m_damage = '0', p_damage = '38', mprotection = ' at line 1
While the code i'm using is this one
$id = mysql_real_escape_string($_POST["id"]);
$value0 = mysql_real_escape_string($_POST["value0"]);
$value1 = mysql_real_escape_string($_POST["value1"]);
$value2 = mysql_real_escape_string($_POST["value2"]);
$value3 = mysql_real_escape_string($_POST["value3"]);
$value4 = mysql_real_escape_string($_POST["value4"]);
$value5 = mysql_real_escape_string($_POST["value5"]);
$value6 = mysql_real_escape_string($_POST["value6"]);
$value7 = mysql_real_escape_string($_POST["value7"]);
$value8 = mysql_real_escape_string($_POST["value8"]);
$value9 = mysql_real_escape_string($_POST["value9"]);
$value10 = mysql_real_escape_string($_POST["value10"]);
$query="UPDATE char_stats SET vita = '$value0', mana = '$value1', speed = '$value2', range = '$value3', atkspeed = '$value4', m_damage = '$value5', p_damage = '$value6', mprotection = '$value7', pprotection = '$value8', hp5 = '$value9', mp5 = '$value10' WHERE id_char_stats='$id'";
I'm using also other very similar queries so i don't get what the problem might be. I was thinking about the underscore on char_stats so i tried using
char\_stats
for escape, but it's not working anyway.
Thanks in advance
create table t11
(
id int not null,
`range` int not null,
speed int not null
);
update t11 set range='11', speed=1; -- blows up
update t11 set `range`='11', speed=1; -- fine
update t11 set `range`=11, speed=1; -- fine
Moral of the store: back-tick range. Even the create table blows up without it.
see mysql keywords and reserved words here. Range is one of them.
So your query would become:
$query="UPDATE char_stats SET vita = '$value0', mana = '$value1', speed = '$value2', `range` = '$value3', atkspeed = '$value4', m_damage = '$value5', p_damage = '$value6', mprotection = '$value7', pprotection = '$value8', hp5 = '$value9', mp5 = '$value10' WHERE id_char_stats='$id'";
I am using MySQL with ASP.NET/VB. In a table I use GUID instead of int identifiers. All goes as planned until I try to update a specific row, where I get a syntax error in the statement below:
Dim q As String = "UPDATE documents SET date_document = #date_document, document_type = #document_type, sender = #sender, receiver = #receiver, description = #description, document_number = #document_number, pages = #pages, handled_date = current_timestamp, handled_user_id = #handled_user_id, error_code = #error_code) WHERE id = #id"
My GUID parameter:
.Parameters.Add("#id", MySqlDbType.Guid, 16).Value = myguid
And the error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') WHERE id = '8873442f-2f0b-4372-ac08-8388220c6eca'' at line 1
Any ideas on what's going on?
You're chasing down the wrong issue. What character does your error syntax begin with? It starts off as ') Where id = ...
You're assuming it's the id. It's not. That works fine. The first character is a closing parenthesis. That's the clue. There is no opening parenthesis. Remove the ) because you don't need it with an update statement.
I have this query, which spits out that I have an error in syntax. I cannot for the life of me understand what it is. I have a table, where one column is email and the other is subscribed (the latter of which is a boolean using tinyint). Any idea what's wrong with this syntax?
$query = "UPDATE $DB_TABLE SET $DB_IS_SUBSCRIBED_KEY = 0 WHERE $DB_EMAIL_KEY = $email";
Your email value needs to be wrapped in quotes.
UPDATE tablename SET columname = 1 WHERE emailcolumn = "email#email.com"
I try to change my code from MYSQL to SQL and i got an error (SQL Syntax 'Limit').
So i tried to change my query and update with "TOP" but seems to work only with SELECT.
So, how can i change this MYSQL query :
$fct="UPDATE `users` SET `STREAM_TITRE` = '$STREAM_TITRE',`STREAM_URL` = '$STREAM_URL',`STREAM_DESC` = '$STREAM_DESC',`STREAM_GENRE` = '$STREAM_GENRE' WHERE `ID` =$IDSESS LIMIT 1";
Here is my SQL Code without Limit :
$fct="UPDATE users SET STREAM_TITRE = '$STREAM_TITRE', STREAM_URL = '$STREAM_URL', STREAM_DESC = '$STREAM_DESC', STREAM_GENRE = '$STREAM_GENRE' WHERE ID = '$IDSESS'";
Thanks
It's not very clear which version of your query is working and which is not - and in what DBMS.
If ID is of char or varchar type, you are missing some quotes in the LIMIT version. Although MySQL is not very picky and you won't have many issues, with or without quotes:
$fct = "
UPDATE users
SET STREAM_TITRE = '$STREAM_TITRE'
, STREAM_URL = '$STREAM_URL'
, STREAM_DESC = '$STREAM_DESC'
, STREAM_GENRE = '$STREAM_GENRE'
WHERE ID = $IDSESS --<-- this should be '$IDSESS' , right?
----- or $IDSESS , depending on the datatype
LIMIT 1
";
Note: The LIMIT n works in MySQL and PostgreSQL, but not in some other DBMS. Plus, I don't think you really need it anyway, as the ID is probably the Primary Key of the table.
If you are trying to convert the statement from MySQL to SQL-Server, you should not use the backquotes and replace LIMIT 1 with TOP (1):
$fct = "
UPDATE TOP (1) users
SET STREAM_TITRE = '$STREAM_TITRE'
, STREAM_URL = '$STREAM_URL'
, STREAM_DESC = '$STREAM_DESC'
, STREAM_GENRE = '$STREAM_GENRE'
WHERE ID = $IDSESS
";