tags:

views:

64

answers:

1
Q: 

Getting a 1064 Error in MySQL but query still completes? Not sure why!!

Hi there,

I am trying to insert a lot of fields into a MySQL database, some are failing, so I am adding some code into my PHP script to try and track down what is occurring.

The replace seems to work as I can see the fields being populated in mysql, but I get this error:

1064:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1

//insert query
if (strlen($link_name)>0)
{
$query = mysql_query("REPLACE into jos_mt_links
(link_id, link_name, alias, link_desc, user_id, link_approved, metadesc, link_created, link_modified, website, price)
VALUES ('$link_id','$link_name','$link_name','$description','63','1','$metadesc','$link_created','$link_modified','$website','$cost')");
echo $link_name . "has been inserted <br />";
print "SQL-Query: ".$query."<br>";

    if(mysql_query($query,$db))
   {
    echo "<center><font face='$fonts' size=2 color='$green'>";
    echo " OK !</font><br><br>\n";
   }
  else
   {
    echo "<center><font face='$fonts' size=3 color='$red'>";
    echo "Error<br><br>";
       echo mysql_errno() . ":" . mysql_error() . "</font><br>\n";
   }
A: 

There is nothing wrong with your SQL. You're assigning $query to the result of your mysql_query() call:

$query = mysql_query("REPLACE into jos_mt_links
    (link_id, link_name, alias, link_desc, user_id, link_approved, metadesc,
    link_created, link_modified, website, price)
    VALUES
    ('$link_id','$link_name','$link_name','$description','63','1','$metadesc','$link_created','$link_modified','$website','$cost')");

mysql_query() returns true or false as a result of the REPLACE query, but the more important thing is that you're assigning the result, not the SQL query that you're executing.

Furthermore, in here:

if(mysql_query($query,$db))

You're calling mysql_query() again on the same $query variable which now holds a value of true (since you said your query is working and your database is being updated normally). PHP interprets boolean true as string '1' and you're telling MySQL to run a query called 1, which gives that error.

You probably meant to assign $query like this instead so your if condition works properly:

$query = "REPLACE into jos_mt_links
    (link_id, link_name, alias, link_desc, user_id, link_approved, metadesc,
    link_created, link_modified, website, price)
    VALUES
    ('$link_id','$link_name','$link_name','$description','63','1','$metadesc','$link_created','$link_modified','$website','$cost')";

And calling your echo within the if statement too.

Another thing: as what Mark Baker has noted, please be sure your variables have been escaped with mysql_real_escape_string() before sticking them directly in your SQL like that.

BoltClock  2010-06-02 16:08:32
Thanks, that makes sense. Could you clarify how I check I am using a mysql_real_escape_string()? From checking it appears the records that fail have an apostrophe in the description. ie a record with this in the description just failedwe'd
kitenski  2010-06-02 20:23:18
The safest thing to do is assume the variables coming in are all unescaped, and running that function on them just before running the query.
BoltClock  2010-06-02 23:27:54
I've done some searching and all the examples, ie here http://php.net/manual/en/function.mysql-real-escape-string.php talk about needing it for POST and GET, neither of which I am doing, so is it still necessary?
kitenski  2010-06-04 16:52:54
As long as the data you're inserting comes from an untrusted source, i.e. something other than your own code's generated data, then yes it is still necessary.
BoltClock  2010-06-07 14:12:30

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL