Database query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 1' at line 1
function get_subject_by_id($subject_id) {
global $connection;
$query = "SELECT * ";
$query .= "FROM subjects ";
$query .= "WHERE id=" . $subject_id ." ";
$query .= "LIMIT 1";
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
// REMEMBER:
// if no rows are returned, fetch_array will return false
if ($subject = mysql_fetch_array($result_set)) {
return $subject;
} else {
return NULL;
}
}
?>
Try to replace all the query thing by this:
$query = "
SELECT *
FROM subjects
WHERE id = $subject_id
LIMIT 1";
I'd be looking at what your passing into $subject_id.
Please please please don't use SELECT *. Even if you want all of the columns, write them out. If your tables change and get more columns added then your pulling along more data.
Related
If someone can explain why doesnt work, i would apriciate :)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''categorias'' at line 1
<?php
include "includes/connection.php";
$query = "SELECT * FROM 'categorias' ";
$result = mysql_query($query) or die (mysql_error());
while ($categorias = mysql_fetch_array($result)) {
echo "<p>" . $categorias ['descricao'] . "</p>";
}
?>
Remove the single quotes from your table name. Instead use back ticks if needed.
$query = "SELECT * FROM categorias ";
Or
$query = "SELECT * FROM `categorias` ";
I have this MySQL statement writen in PHP, but it seems to contain a syntax-error.
$user_forum_sql = ( !empty($forum_id) ) ? " WHERE session_page = " . intval($forum_id) : '';
$sql = "SELECT * FROM " . $session_table_name . '"'.$user_forum_sql.'"';
This is the error I'm having. I'm not sure what is causing it.
SQL Error : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '""' at line 1
SELECT * FROM ""
$user_forum_sql = ( !empty($forum_id) ) ? " WHERE session_page = " . intval($forum_id) .'' ;
$sql = "SELECT * FROM " . $session_table_name.$user_forum_sql;
echo $sql;
Your $session_table_name is empty, so you might have not started your session or have not set the value.
My SQL statement doesn't work...
Here is my variable:
$email="test#test.com";
These statements doesn't work :
$sql = "SELECT * FROM table WHERE email = $email";
$sql = 'SELECT * FROM table WHERE email = ' . $email;
1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '#test.com' at line 1
But if I use a string instead of the variable, it works:
$sql = "SELECT * FROM table WHERE email = 'test#test.com'";
What's wrong with my statement?
Thanks!
please escape strings in mysql
$sql = "SELECT * FROM table WHERE email = $email";
$sql = 'SELECT * FROM table WHERE email = ' . $email;
This should work
$sql = "SELECT * FROM table WHERE email = '$email'";
table is a keyword, so can write like this
$sql = "SELECT * FROM `table` WHERE email='$email'";
$this->db->where('email', $this->input->post('email'));
$query =$this->db->get($this->user);
//$sql = "SELECT * FROM user WHERE email = '$email'";
if($query->num_rows == 1)
{
return true;
}
else
{
return false;
}
}
}
I am having an issue getting this to work. I have multiple WHERE statements that need to happen based on conditional information from the search query. Within there I can't seem to get the LIKE statements to work.
In the database the STREET_NUM & STREET_NAME are in different rows. I am using one input field to check against called $address
I am also struggling with getting the MIN & MAX to work.
Here is the Query:
$sql = "SELECT * FROM arc_property_res WHERE ( arc_property_res.STATUS = 'Active'";
if(!empty($_GET['city'])){
// City only query!
$sql .= "AND arc_property_res.CITY = '{$_GET['city']}'";
}
if(!empty($_GET['neighborhood'])){
// Hood only query!
$sql .= "AND arc_property_res.SUBDIVISION = '{$_GET['neighborhood']}'";
}
if(!empty($_GET['mls-number'])){
// MLS only query!
$sql .= "AND arc_property_res.MLS_ACCT = '{$_GET['mls-number']}'";
}
if(!empty($_GET['min-price']) && !empty($_GET['max-price'])){
// MIN AND MAX only query!
$sql .= "AND arc_property_res.LIST_PRICE = MIN('{$_GET['min-price']}') MAX('{$_GET['max-price']}')";
}
if(!empty($_GET['num-of-beds'])){
// BEDS only query!
$sql .= "AND arc_property_res.BEDROOMS = '{$_GET['num-of-beds']}'";
}
if(!empty($_GET['num-of-baths'])){
// BATHS only query!
$sql .= "AND arc_property_res.BATHS_FULL = '{$_GET['num-of-baths']}'";
}
if(!empty($_GET['mls-number'])){
// BATHS only query!
$sql .= "AND arc_property_res.MLS_ACCT = '{$_GET['mls-number']}'";
}
if(!empty($_GET['address'])){
$sql .= "AND arc_property_res.STREET_NUM LIKE '%{$_GET['address']}'";
$sql .= "OR arc_property_res.STREET_NAME LIKE '{$_GET['address']}%'";
}
$sql .= ") ORDER BY {$orderby}{$price_order}{$comma}{$list_date}";
I think all you need are some parentheses around the arc_property_res.STREET_NUM. Further, I would recommend you add some spaces around each line in your entire code so that you don't get syntax errors.
if(!empty($_GET['address'])){
$sql .= " AND (arc_property_res.STREET_NUM LIKE '%{$_GET['address']}' ";
$sql .= " OR arc_property_res.STREET_NAME LIKE '{$_GET['address']}%') ";
}
In addition to the obvious "Bobby Tables" issue that your query has, the problem at hand is that you do not insert a space in front of AND. This results in queries that look like this:
AND arc_property_res.BEDROOMS =3AND arc_property_res.BATHS_FULL =2
Note that there is no space between 3 and AND - a syntax error.
You should look into parametrizing your queries, and modifying it in a way that ignores the parameters that have been set to NULL.
SELECT * FROM arc_property_res WHERE ( arc_property_res.STATUS = 'Active'
AND (arc_property_res.CITY = #cityParam OR #cityParam is NULL)
AND (arc_property_res.SUBDIVISION = #subdiv OR #subdiv is NULL)
...
)
This modification would let you keep the query the same regardless of the number of parameters that were actually set, get you the same results, taking pretty much the same time.
$sql .= "AND arc_property_res.LIST_PRICE = MIN('{$_GET['min-price']}') MAX('{$_GET['max-price']}')";
The min and max functions are for when you want to get the min and max of a field in your database.
What you want is to compare the list price to see if it falls in between the min and max values supplied by the user.
$sql .= " AND arc_property_res.LIST_PRICE >= '{$_GET['min-price']}' AND arc_property_res.LIST_PRICE <= '{$_GET['max-price']}'";
I just got error from MYSQL saying "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"
After submiting form on the page i got that messenge.
Any ideas?
Here is sql code that i used
$sql = "SELECT * FROM member ".
"WHERE termId='$term' ".
"AND year='$year' ".
"AND familyId='$familyId' order by memberId";
$rs = mysql_query($sql) or die(mysql_error());
You may need to replace single quotes in your query with backticks as follows.
$sql = "SELECT * FROM member ".
"WHERE termId=`$term` ".
"AND year=`$year` ".
"AND familyId=`$familyId` order by memberId";
$rs = mysql_query($sql) or die(mysql_error());
Your final SQL is
SELECT * FROM member_class WHERE termId='2' AND year='' AND familyId='' order by memberId
I suspect at least familyID, maybe also year are number fields, so this is a syntax error.
Always use mysql_real_escape_string to escapes special characters in a string.
$term=mysql_real_escape_string($term);
if(isset($year,$familyid,$term))
{
$myear=intval($year);
$mfamilyid=intval($familyid);
$sql = "SELECT * FROM member WHERE termId='$term'
AND year='$myear'
AND familyId='$mfamilyId'
order by memberId";
$rs = mysql_query($sql) or die(mysql_error());
}