Syntax error in update when using where clause - mysql

I'm stuck on an update query. I'm working on a registration form where, if the confirmation mail link is redirected to the site, the update query runs and updates the row with the confirm value.
Here is the error message:
#1064 - You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use
near ''users' SET 'confirm'='1' WHERE
'com_code'='732aabcb4ad6a03b51e0a55aab998726'' at line 1
Please check where my syntax is wrong:
UPDATE 'users'
SET 'confirm'='1'
WHERE 'com_code'='732aabcb4ad6a03b51e0a55aab998726';
Thanks!

To quote identifiers, use backticks (`). From Identifier Names:
Identifiers may be quoted using the backtick character - `. Quoting is
optional for identifiers that don't contain special characters, or is
a reserved word. If the ANSI_QUOTES SQL_MODE flag is set, double
quotes (") can also be used to quote identifiers.
UPDATE `users`
SET `confirm`='1'
WHERE `com_code`='732aabcb4ad6a03b51e0a55aab998726';
or don't use them at all if your identifiers aren't keywords, don't contain spaces, and so on:
UPDATE users
SET confirm ='1'
WHERE com_code='732aabcb4ad6a03b51e0a55aab998726';

You don't need to put confirm, users and com_code inside quotes,
use this:
UPDATE users
SET confirm ='1'
WHERE com_code='732aabcb4ad6a03b51e0a55aab998726';

Related

Escaping hyphen in MySQL query (not using a backtick)

We have an existing schema we're trying to fit some quartz tables into, but the tables are named with hyphen in them, so we'd like to use a prefix like "08-Scheduling_QUARTZ_"
Since quartz doesn't wrap any of the queries in back ticks, the prefix doesn't work.
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '08-Scheduling_QUARTZ_TRIGGERS SET TRIGGER_STATE = 'WAITING' WHERE SCHED_NAME' at line 1]]
Curious if there is any chance there is some other way to escape the "-" in a mysql query other than `` around the whole table name?
I've tried
x'-'x
x\-x
x"-"x
x`-`x
No, you must delimit the identifier if it has certain punctuation characters.
In MySQL, the default identifier delimiter is the back-tick.
If you enable the ANSI or ANSI_QUOTES SQL modes, you can use double-quotes as an identifier delimiter.
If you don't want to use delimiters, you must choose a different convention for prefixing your table names. You could use _ for example.
Read https://dev.mysql.com/doc/refman/8.0/en/identifiers.html for more details on the characters permitted in identifiers without delimiters.

Can Doctrine save fields which are reserved keys?

I have a table with "from", "with" columns too. When I want to persist it, I get an exception:
PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, with, fb_email, fb_id, fb_login_code, fb_hometown, fb_location, fb_tagged_' at line 1' in
I'm afraid the "from" and "with" names cause this, any idea?
As documented under Quoting Reserved Words:
Sometimes it is necessary to quote a column or table name because of reserved word conflicts. Doctrine does not quote identifiers automatically, because it leads to more problems than it would solve. Quoting tables and column names needs to be done explicitly using ticks in the definition.
<?php
/** @Column(name="`number`", type="integer") */
private $number;
Doctrine will then quote this column name in all SQL statements according to the used database platform.
Warning
Identifier Quoting does not work for join column names or discriminator column names unless you are using a custom QuoteStrategy.
For more control over column quoting the Doctrine\ORM\Mapping\QuoteStrategy interface was introduced in 2.3. It is invoked for every column, table, alias and other SQL names. You can implement the QuoteStrategy and set it by calling Doctrine\ORM\Configuration#setQuoteStrategy().
The ANSI Quote Strategy was added, which assumes quoting is not necessary for any SQL name. You can use it with the following code:
<?php
use Doctrine\ORM\Mapping\AnsiQuoteStrategy;
$configuration->setQuoteStrategy(new AnsiQuoteStrategy());
For YAML ORM mapping you have to specify the column with escaped quotes:
fields:
  order:
    column: "`order`"
    type: integer

Error in SQL Update Syntax [duplicate]

I am trying to update a database via an update query, but I am getting an error that says
Error com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'add=null,col=null,wok=null,pcol=null,pwok=null,bio=null where un ='null'' at line 1.
I have been trying for hours to figure out what the error is in my SQL syntax, but I haven't been able to get through.
The update query is:
query = "Update users SET em=?, mn=?,add=?,col=?,wok=?,pcol=?,pwok=?,bio=? where un ='"+un+"'";
I need help in figuring out the error in my update syntax. Thanks.
ADD is a reserved word in MySQL; use backticks:
`add`=?
http://dev.mysql.com/doc/mysqld-version-reference/en/mysqld-version-reference-reservedwords-5-5.html
ADD is a reserved word. Please quote it or change the field name.
From Reserved Words
the word add is a reserved keyword
Reserved words are permitted as identifiers if you quote them as
described in Section 9.2, “Schema Object Names”:
From Schema Object Names
An identifier may be quoted or unquoted. If an identifier contains
special characters or is a reserved word, you must quote it whenever
you refer to it.

Mysql handling with single quotes conflict

I'm using joomla to develop sites, but I'm having a strange error. I have a syntax error in the following code:
$q = "TRUNCATE TABLE ".$db->quote('#__csvi_available_fields');
Which gives this output at runtime:
TRUNCATE TABLE 'erx_csvi_available_fields'
But mysql shows an error:
JDatabaseMySQL::query: 1064 - You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the
right syntax to use near ''#__csvi_available_fields'' at line 1
SQL=TRUNCATE TABLE '#__csvi_available_fields'
The strange thing is when I run without quotes, it runs normal:
TRUNCATE TABLE erx_csvi_available_fields <-- works without problem
Any idea what went wrong here ?
As others have said, the wrong quotes have been added.
When using Joomla's JDatabase to provide quoting, there are two different functions you can call: one for values and another for database, table or column/field names.
To make your example line work you need to use quoteName() as follows:
$q = "TRUNCATE TABLE ".$db->quoteName('#__csvi_available_fields');
The $db->quote() is used to quote values being used in the SQL.
You can read through /libraries/joomla/database/database.php for an idea of how the abstraction is supposed to work.
Don't use single quotes "'". Use "`" (left of the numbers on your keyboard). Normal single quotes are for strings, same as double quotes.
Single quotes are used for strings, you should use backticks for names.
From the MySQL manual:
The identifier quote character is the backtick (`)
Also have a look at this Stackoverflow question: Using backquote/backticks for mysql queries
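The distinction these answers draw between quoting names and quoting values, applied to the column list from the JDBC UPDATE question earlier on this page. This is an added example, not code from any of the posts and not Joomla's or Connector/J's implementation; the helper names `quote_identifier` and `build_update` are hypothetical, and the `?` placeholder follows the JDBC style used in that question.

```python
# Added example (not from the original posts): identifiers are backtick-quoted,
# values are never concatenated into the text and travel as bound parameters.

MAX_IDENTIFIER_CHARS = 64  # MySQL limit for table and column names


def quote_identifier(name: str) -> str:
    """Return name as a backtick-delimited MySQL identifier."""
    if not name or len(name) > MAX_IDENTIFIER_CHARS:
        raise ValueError("identifier must be 1-64 characters")
    if "\x00" in name or name.endswith(" "):
        raise ValueError("identifier contains NUL or ends with a space")
    # A backtick inside a quoted identifier is written as two backticks.
    return "`" + name.replace("`", "``") + "`"


def build_update(table, set_columns, where_column, placeholder="?"):
    """Build UPDATE text; the caller binds the values in the same order."""
    if not set_columns:
        raise ValueError("nothing to update")
    assignments = ", ".join(
        f"{quote_identifier(col)}={placeholder}" for col in set_columns
    )
    return (
        f"UPDATE {quote_identifier(table)} SET {assignments} "
        f"WHERE {quote_identifier(where_column)}={placeholder}"
    )


# Constructed sample: the column list from the JDBC question, including the
# reserved word `add`; the `un` value is bound instead of concatenated.
COLUMNS = ["em", "mn", "add", "col", "wok", "pcol", "pwok", "bio"]
SQL = build_update("users", COLUMNS, "un")

if __name__ == "__main__":
    print(SQL)
    print(quote_identifier("08-Scheduling_QUARTZ_TRIGGERS"))
```

Because every name passes through `quote_identifier`, reserved words and hyphenated names need no special casing, and no user-supplied value ever becomes part of the statement text.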

Error in MySQL Query (Banned Word?)

I have a MySQL query, which returns an error message. I think it could be due to the word "out". Normally, I would just change the field name but I am working on some software that I am not used to and I don't know how much of a change that would be. So, I want to be sure if I have to.
Here is the query:
SELECT * FROM probid_bids WHERE auctionid=73 AND out=0 AND invalid=0
Here is the error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'out=0 AND invalid=0' at line 1
OUT is indeed a reserved word. You can encase the column names in backticks to quote the names, and thus avoid this problem, like so:
SELECT * FROM probid_bids WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0
OUT is a reserved word (it is used to specify the type of parameters -- IN, OUT, INOUT -- when creating procedures). Try enclosing it inside backticks (`).
The rules regarding how and when to quote the identifiers (table names, column names, etc) are described here.
Note: certain MySQL configurations allow you to use double quotes as well but this should be avoided; stick with using backticks to quote identifiers and single quotes to quote strings.
Escape the keys:
SELECT * FROM `probid_bids` WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0