Can Doctrine save fields which are reserved keys? - mysql

I have a table with "from", "with" columns too. When I want to persist it, I get an exception:
PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, with, fb_email, fb_id, fb_login_code, fb_hometown, fb_location, fb_tagged_' at line 1' in
I affraid the "from" and "with" names causes this, any idea?

As documented under Quoting Reserved Words:
Sometimes it is necessary to quote a column or table name because of reserved word conflicts. Doctrine does not quote identifiers automatically, because it leads to more problems than it would solve. Quoting tables and column names needs to be done explicitly using ticks in the definition.
<?php
/** #Column(name="`number`", type="integer") */
private $number;
Doctrine will then quote this column name in all SQL statements according to the used database platform.
Warning
Identifier Quoting does not work for join column names or discriminator column names unless you are using a custom QuoteStrategy.
For more control over column quoting the Doctrine\ORM\Mapping\QuoteStrategy interface was introduced in 2.3. It is invoked for every column, table, alias and other SQL names. You can implement the QuoteStrategy and set it by calling Doctrine\ORM\Configuration#setQuoteStrategy().
The ANSI Quote Strategy was added, which assumes quoting is not necessary for any SQL name. You can use it with the following code:
<?php
use Doctrine\ORM\Mapping\AnsiQuoteStrategy;
$configuration->setQuoteStrategy(new AnsiQuoteStrategy());

For yaml orm mapping you have to specify column with escaped quotes :
fields:
order:
column: "`order`"
type: integer

Related

Escaping hyphen in MySQL query (not using a backtick)

We have an existing schema we're trying to fit some quartz tables into, but the tables are named with hyphen in them, so we'd like to use a prefix like "08-Scheduling_QUARTZ_"
Since quartz doesn't wrap any of the queries in back ticks, the prefix doesn't work.
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '08-Scheduling_QUARTZ_TRIGGERS SET TRIGGER_STATE = 'WAITING' WHERE SCHED_NAME' at line 1]]
Curious if there is any chance there is some other way to escape the "-" in a mysql query other than `` around the whole table name?
I've tried
x'-'x
x\-x
x"-"x
x`-`x
No, you must delimit the identifier if it has certain punctuation characters.
In MySQL, the default identifier delimiter is the back-tick.
If you enable the ANSI or ANSI_QUOTES SQL modes, you can use double-quotes as an identifier delimiter.
If you don't want to use delimiters, you must choose a different convention for prefixing your table names. You could use _ for example.
Read https://dev.mysql.com/doc/refman/8.0/en/identifiers.html for more details on the characters permitted in identifiers without delimiters.

when i will run this query it will give an error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'specific) VALUES ('5.jpg','kids','anyone')' at line 1,,
My query is
$sql="INSERT INTO imagetable(image,name,specific) VALUES ('$dbimage','$dbname','dbspec')";
specific is a reserved word in MySQL. Either use backticks to escape it or use another name for your column.
INSERT INTO imagetable (image, name, `specific`)
VALUES ('$dbimage','$dbname','dbspec')
sql="INSERT INTO `imagetable` (`image`,`name`,`specific`) VALUES ('$dbimage','$dbname','dbspec')";
While not required, it is a good practice to surround your column names (and table names) with ` characters. This avoids issues with reserved words used by the SQL language.
The reason you are getting this issue is because "specific" is a reserved keyword by the SQL language. Think of it like trying to name a variable "if". Since the keyword "if" is reserved by the coding language, you cannot do this. It is the same concept with "specific" in SQL.

How to access table when the name is a keyword [duplicate]

This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
I just realized that i assigned a table name as "AS" and when i was trying to do a select query, i kept getting an error:
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"as"'.
So i looked up for reserved words and found out that "AS" is reserved. Well, i think i knew before (used for aliases) but just didn't consider it.
So to fix this will easily be to rename the table name. But assuming i don't want to, can i still access this table using some sort of symbol ? i tried putting it in quotes and double quotes but no success.
With mysql, you can wrap reserved words (or any words for that matter) in backticks to cause word to be parsed as a literal name rather than the keyword:
select * from `AS`
Read more about it in the on line documentation under "identifier quote character".
Yes use this(backtiks):
SELECT * FROM `as`
You should use backticks. Else MySQL will consider it as a Keyword. If we use backtick then they are called quoted identifiers and they tell the parser to handle the text between them as a literal string. They are useful for when you have a column or table that contains a keyword or space.
Please refer: http://dev.mysql.com/doc/refman/5.6/en/reserved-words.html

Mysql handling with single quotes conflict

I'm using joomla to develop sites, but I'm having a strange error. I have a syntax error in the following code:
$q = "TRUNCATE TABLE ".$db->quote('#__csvi_available_fields');
Which give output on runtime:
TRUNCATE TABLE 'erx_csvi_available_fields'
But mysql shows an error:
JDatabaseMySQL::query: 1064 - You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the
right syntax to use near ''#__csvi_available_fields'' at line 1
SQL=TRUNCATE TABLE '#__csvi_available_fields'
The strange thing is when I run without quotes, it runs normal:
TRUNCATE TABLE erx_csvi_available_fields <-- works without problem
Any idea what went wrong here ?
As other have said the wrong quotes have been added.
When using Joomla's JDatabase to provide quoting there are two different functions you can call one for values and another for database, table or column/field names.
To make your example line work you need to use quoteName() as follows:
$q = "TRUNCATE TABLE ".$db->quoteName('#__csvi_available_fields');
The $db->quote() is used to quote values being used in the SQL.
You can read through /libraries/joomla/database/database.php for an idea of how the abstraction is supposed to work.
don't use single quotes "'". use "`" (left to the numbers on your keyboard). normal single quotes are for strings, same as double quotes
Single quotes are used for strings, you should use backticks for names.
From the MySQL manual:
The identifier quote character is the backtick (`)
Also have a look at this Stackoverflow question: Using backquote/backticks for mysql queries

Error in MySQL Query (Banned Word?)

I have an MySQL query, which returns an error message. I think it could be due to the word "out". Normally, I would just change the field name but I am working on some software that I am not used to and I don't know how much of a change that would be. So, I want to be sure if I have to.
Here is the query:
SELECT * FROM probid_bids WHERE auctionid=73 AND out=0 AND invalid=0
Here the error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'out=0 AND invalid=0' at line 1
OUT is indeed a reserved word. You can encase the column names in backticks to quote the names, and thus avoid this problem, like so:
SELECT * FROM probid_bids WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0
OUT is a reserved word (it is used to specify the type of parameters -- IN, OUT, INOUT -- when creating procedures). Try enclosing it inside backticks (`).
The rules regarding how and when to quote the identifiers (table names, column names, etc) are described here.
Note: certain MySQL configurations allow you to use double quotes as well but this should be avoided; stick with using backticks to quote identifiers and single quotes to quote strings.
Escape the keys:
SELECT * FROM `probid_bids` WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0