Error in SQL syntax

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
ayoksus
Forum Newbie
Posts: 14
Joined: Tue Feb 13, 2007 2:51 pm

Error in SQL syntax

Post by ayoksus »

Hi,

I've got an error like this:
Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Tuesday','20070710','00:42:01')' at line 2

What does this error mean?

Thanks
ayoksus
ayoksus
Forum Newbie
Posts: 14
Joined: Tue Feb 13, 2007 2:51 pm

Post by ayoksus »

And this is the code:

Code: Select all

CREATE TABLE `mynews` (
  `news_no` int(3) NOT NULL auto_increment,
  `category` int(3) NOT NULL default '0',
  `username` varchar(30) NOT NULL default '',
  `title` varchar(100) NOT NULL default '',
  `headline` text NOT NULL,
  `body` text NOT NULL,
  `day` varchar(20) NOT NULL default '',
  `date_placed` date NOT NULL default '0000-00-00',
  `time_placed` time NOT NULL default '00:00:00',
  PRIMARY KEY  (`news_no`)
) 
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Please post the sql statement.
ayoksus
Forum Newbie
Posts: 14
Joined: Tue Feb 13, 2007 2:51 pm

Post by ayoksus »

Code: Select all

$input=mysql_query("INSERT INTO news(category,username,title,headline,body,day,date_placed,time_placed) 
        VALUES ('$category','$username','$title','$headline','$body','$day','$date_placed','$time_placed')"); 

if($input) 
        { 
                echo "Input data is success<BR>"; 
                echo "<a href=form_news.php>Add more news</a>"; 
                echo "<a href=logout.php>Logout</a>"; 
        } 
        else 
        { 
                echo "Input data is failed"; 
        }
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

please try

Code: Select all

$query = "INSERT INTO
		news
		(category,username,title,headline,body,day,date_placed,time_placed)
	VALUES
		('$category','$username','$title','$headline',
		'$body','$day','$date_placed','$time_placed')";

$input=mysql_query($query);
if($input)
{
	echo "Input data is success<BR>";
	echo "<a href=form_news.php>Add more news</a>";
	echo "<a href=logout.php>Logout</a>";
}
else
{
	echo "Input data is failed";

	echo '<div>Debug: ', mysql_error(), "<br />\n", htmlentities($query), "</div>\n";
}
and post the output.
ayoksus
Forum Newbie
Posts: 14
Joined: Tue Feb 13, 2007 2:51 pm

Post by ayoksus »

Hi Volka,

Sorry I put a wrong code:
The last code was:

Code: Select all

else 
        { 
                echo "Input data is failed"; 
                die('Invalid query: ' . mysql_error());
        }
I've changed it with your code, and the result is still:
Debug: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Tuesday','20070710','10:33:51')' at line 2
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

You aren't escaping your data, so when it's inserted the quotes in the SQL are messed up. You need to use mysql_real_escape_string() on the values before you put them into the SQL string. Look it up in the PHP manual for more information.

Also, the important bit in Volka's code was "htmlentities($query)" ... so we could see exactly what the query is, complete with it's unescaped single quotes no doubt.
ayoksus
Forum Newbie
Posts: 14
Joined: Tue Feb 13, 2007 2:51 pm

Post by ayoksus »

Hi Thank's!

I think something wrong with my eyes and brain..
It's solved..

Thank you,
ayoksus
Post Reply