DaniWeb Forum Index > Web Development > PHP

You have an error in your SQL syntax;

Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases

•

Join Date: Jul 2009

Posts: 27

Reputation: Toxikr3 is an unknown quantity at this point

Solved Threads: 0

Toxikr3

Offline

Light Poster

You have an error in your SQL syntax;

Jul 14th, 2009

Hi guys, I was trying to implement a friends script but I encountered this error

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'by) VALUES ('Toxikr3' , 'moderator')' at line 1

I tried to insert values Toxikr3 and moderator in the columns username and by

It inserts fine when there is only one thing to insert, but gives me error when I insert more then one.

My Code:

 Help with Code Tags 
 PHP Syntax (Toggle Plain Text) 
$query = ("INSERT INTO friendrequest (username,by) VALUES ('$_GET[user]' , '$by')"); //inserts the request
 
if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
echo ( "$fusername $by has been sent a request you must now wait for it to be accepted" ); //echos completion 
 }
else { 
echo ( "No request was made" ); // or no request sent 
} 
}else { 
echo ( "You need to be logged in" ); //not logged in 
}
$query = ("INSERT INTO friendrequest (username,by) VALUES ('$_GET[user]' , '$by')"); //inserts the request

if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
echo ( "$fusername $by has been sent a request you must now wait for it to be accepted" ); //echos completion 
 }
else { 
echo ( "No request was made" ); // or no request sent 
} 
}else { 
echo ( "You need to be logged in" ); //not logged in 
}

Please help, I just can't figure it out. If you require the top code, I will post it.

Last edited by Toxikr3; Jul 14th, 2009 at 11:16 pm.

•

Join Date: Aug 2007

Posts: 165

Reputation: Fest3er is an unknown quantity at this point

Solved Threads: 18

Fest3er

Offline

Junior Poster

Re: You have an error in your SQL syntax;

Jul 15th, 2009

•

Originally Posted by Toxikr3

...Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'by) VALUES ('Toxikr3' , 'moderator')' at line 1

Re-read the quoted part above, then read the table of reserved words in the MySQL manual. (Hint: 'by' is a reserved word.)

While you can use reserved words if you quote them correctly, it is best to avoid using them where they can cause problems.

•

Join Date: Aug 2007

Posts: 793

Reputation: darkagn has a spectacular aura about

Solved Threads: 109

darkagn

Offline

Master Poster

Re: You have an error in your SQL syntax;

Jul 15th, 2009

Change $_GET[user] to {$_GET['user']} (including the braces). An even better way would be:

 Help with Code Tags 
 php Syntax (Toggle Plain Text) 
$user = $_GET['user'];
if(strlen($user) == 0)
{
   echo "No user";
   die;
}
$query = "INSERT INTO friendrequest (username,by) VALUES ('$user' , '$by')";
$user = $_GET['user'];
if(strlen($user) == 0)
{
   echo "No user";
   die;
}
$query = "INSERT INTO friendrequest (username,by) VALUES ('$user' , '$by')";