Syntax error in query that I cant find - help save my brain! - PHP Server Side Scripting forum at WebmasterWorld - WebmasterWorld

Forum Moderators: coopster

Message Too Old, No Replies

Syntax error in query that I cant find - help save my brain!

lovduv

7:40 pm on Oct 15, 2008 (gmt 0)

10+ Year Member

Somwhere in the below block of code I have a missing, wrong, too many...quotes, back ticks, etc? It is throwing this error:

Couldn't execute query"insert into `mylists` (`name`,`owner`,`comments`,`completed`) values ('Me ','Me','testing''0', limit 1" error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'limit 1' at line 1

My versions are:
PHP version 4.4.7
MySQL version 4.1.22-standard

I added a record manually in phpMyAdmin, and my update and delete scripts work, just not the insert....If you can find the error...I'll give you a cookie! ; )

else{

$query = "insert into `mylists` (`name`,`owner`,`comments`,`completed`) values ";
$query .= "('".db_escape($_POST['name'])."','".db_escape($_POST['owner'])."','".db_escape($_POST['comments'])."'";

if($_POST['completed'] == 'yes'){
$query .= "'1', ";
}else{
$query .= "'0', ";
}

$query .= " limit 1";

if(mysql_query($query)){
$output = '<b>Item added successfully!</b><br/><br/>';
}else{
$output = mysql_query($query) or die("Couldn't execute query\"$query\" error:" . mysql_error());
}
}

LifeinAsia

8:13 pm on Oct 15, 2008 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

Top Contributors Of The Month

Look at your error message- there is no comma between 'testing' and '0' and you have no closing parenthesis.

henry0

8:16 pm on Oct 15, 2008 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

lovduv, welcome to WebmasterWorld!

I do not use that style (it's me)
instead I opt for:

$name=db_escape($_POST['name']);
$owner=db_escape($_POST['owner']);
$comments=db_escape($_POST['comments']);
$completed=db_escape($_POST['completed'']);
However you should before escaping verify that the expected POST values are the one expected...
$sql="insert into mylists (name, owner, comments, completed)
values
('$name', '$owner', '$comments', '$completed')";

lovduv

9:16 pm on Oct 15, 2008 (gmt 0)

10+ Year Member

henry0 -

Agreed, I usually opt for the above style as well, but I am adapting this script from another for my own needs....and so I am loathe to restructure the rest of the script : (

LifeinAsia - yeah I had messed with the code and got the comma in the right place, but missed the no closing parenthesis in that section....

I believe I have the comma correct now, but now I am unsure of where to put the closing parenthesis...below I added it to $query .= " limit 1"); and this is the error I get now:
Parse error: syntax error, unexpected ')' in ../list.php on line 214

else{

$query = "insert into `mylists` (`name`,`owner`,`comments`,`completed`) values ";
$query .= "('".db_escape($_POST['name'])."','".db_escape($_POST['owner'])."','".db_escape($_POST['comments'])."', ";

if($_POST['completed'] == 'yes'){
$query .= "'1' ";
}else{
$query .= "'0' ";
}

$query .= " limit 1");

if(mysql_query($query)){
$output = '<b>Item added successfully!</b><br/><br/>';
}else{
$output = mysql_query($query) or die("Couldn't execute query\"$query\" error:" . mysql_error());
}
}

lovduv

10:55 pm on Oct 15, 2008 (gmt 0)

10+ Year Member

Ok I got it with:

$query .= " 'limit 1')";

Thanks LifeinAsia for pointing me in the right direction : )

nick279

9:46 am on Oct 16, 2008 (gmt 0)

10+ Year Member

I used to use the INSERT INTO `tables` VALUES , but now tend to exclusvley use

INSERT INTO `table`
SET
`col1` = $col1,
`col2` = $col2 etc

Find it a bit easier to debug also