MySQL Query Error - sql

I have an error with this sentence:
...
WHERE title LIKE '%$title%' OR text LIKE '%$title%'
AND (price BETWEEN $minprice AND $maxprice)
AND catid = $catid ORDER BY id DESC
Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND ) AND cat' at line 34
Did I do something wrong?

Evaluating "$maxprice" gives an empty string, probably because the variable $maxprice is not defined. It could be a typo, or you may have forgotten to set a value for this variable.

Check your $maxprice variable - it seems to be empty.

Related

ERROR: syntax error at or near | modify('replace value of | PostgresSql

I am trying to write a query for updating an XML column value; it may or may not have an existing value. I have tried this query, but it is giving me a syntax error and I don't know why. I am not an SQL expert; I am just working with existing code.
Error
ERROR: syntax error at or near "("
LINE 4: SET user_prop.modify('replace value of ("//PREF/NOTIFICATION...
^
SQL state: 42601
Character: 199
Query
UPDATE user
SET user_prop.modify('replace value of ("//PREF/NOTIFICATIONS/#ASK_YOUR_INSTR") with ("TRUE")') where username='1038125#';
XML Value
<PROP>
<ACL DENY="CREATECOURES"></ACL>
<PREF>
<NOTIFICATIONS ASK_YOUR_INSTR="FALSE" />
</PREF>
</PROP>
The SET part of an UPDATE needs an assignment, e.g.
update foo
set bar = bar + 1
where id = 1;
You haven't told us what your function modify() does, but if it returns the modified XML value, then I guess you are looking for:
UPDATE user
SET the_column = user_prop.modify('....')
where username='1038125#';
I guess this is the answer
UPDATE HR_XML
SET Salaries.modify('replace value of
(/Salaries/Marketing/Employee[#ID=("2")]/Salary/text())[1] with ("60000")')
Can you try to remove the quotes from the //PREF/NOTIFICATIONS/#ASK_YOUR_INSTR?

REPLACE statement produces "Data truncation" error. Please advise why and how to correct it

UPDATE ASSIGNMENTS SET CBTURL = REPLACE(CBTURL, 'http://172.21.130.19/', 'https://testlpsweb.corp.mbll.ca/Content/')
The above statement produces "Data truncation" error. Please advise why and how to correct it.
Error starting at line : 1 in command - UPDATE ASSIGNMENTS SET CBTURL = REPLACE(CBTURL, 'http://172.21.130.19/', 'https://testlpsweb.corp.mbll.ca/Content/') Error at Command Line : 1 Column : 1 Error report - SQL Error: Data truncation
I'm guessing that the CBTURL column length is too small for the resulting string of the replace. Could you try to alter the column to have a larger length?
Try this query to see the maximum result string length:
Select Max(Len(REPLACE(CBTURL, 'http://172.21.130.19/', 'https://testlpsweb.corp.mbll.ca/Content/'))) from tablename ....

Syntax Error In Query with selectRaw and time diff

Please advise how to correct this query.
$no_of_hours = DB::Table('shifts')
->where('time_sheet_id','=', $timesheet_id->id)
->selectRaw("SELECT time(sum(TIMEDIFF( 'shift_end_time', 'shift_start_time' )))")
->get();
return $no_of_hours;
I'm getting the following error:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT time(sum(TIMEDIFF( 'shift_end_time', 'shift_start_time' ))) from `shifts`' at line 1 (SQL: select SELECT time(sum(TIMEDIFF( 'shift_end_time', 'shift_start_time' ))) from `shifts` where `time_sheet_id` = 35)
You have a syntax error, probably because you don't have to write the SELECT keyword in the selectRaw function (the keyword is added implicitly by the query builder in this case):
->selectRaw("time(sum(TIMEDIFF( 'shift_end_time', 'shift_start_time' )))")

Active record query failed - Escape quote from query

Background
Framework: CodeIgniter/PyroCMS
I have a DB that stores a list of products. I have a duplicate function in my application that first looks for the common product name so it can add a 'suffix' value to the duplicated product.
Code in my Products model class
$product = $this->get($id);
$count = $this->db->like('name', $product->name)->get('products')->num_rows();
$new_product->name = $product->name . ' - ' . $count;
On the second line the application fails only when the $product->name contains quotes.
I was of the understanding that CodeIgniter escaped all strings, so I don't know why I get this error.
So I tried to use the MySQL escape string function, but that didn't help either.
The Error Message
A Database Error Occurred
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Book%'' at line 3
SELECT * FROM `products` WHERE `name` LIKE '%Harry\\'s Book%'
var_dump
Below is the output of doing a var_dump on product->name before and after the line in question;
string 'Harry's Book' (length=12)
A Database Error Occurred
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Book%'' at line 3
SELECT * FROM `products` WHERE `name` LIKE '%Harry\\'s Book%'
Let's do some testing about this.
Here is what you are doing
$count = $this->db->like('name', $product->name)->get('products')->num_rows();
And I suspect $product->name contains this.
Harry's Book
As we know this is coming from the database table as you are using.
Where you are using the upper query mentioned it is wrapping it with
single quotes and producing this result.
SELECT * FROM `products` WHERE `name` LIKE '%Harry\\'s Book%'
As you see, it is escaping the apostrophe to tell it is not the end of the string.
Therefore it is escaping it with two slashes: one for the apostrophe and one for being in single quotes.
What you have to do is
Before assigning the parameter to query wrap it with double quotes.
$product_name = "$product->name";
And now pass it to query.
$count = $this->db->like('name', $product_name)->get('products')->num_rows();
The output will be this
SELECT * FROM `products` WHERE `name` LIKE '%Harry\'s Book%'
You see the difference here. It contains a single slash now and the record will
be found.
Other answers didn't work for me, this does though:
$count = $this->db->query("SELECT * FROM `default_firesale_products` WHERE `title` LIKE '".addslashes($product['title'])."'")->num_rows();
Whenever CI Active Record mangles your queries you can always just put a raw query in instead and have full control.
Try this, using stripslashes() around $product->name:
$count = $this->db->like('name', stripslashes($product->name))->get('products')->num_rows();
CI automatically escapes characters with active records but I bet that it's already escaped if you entered it previously via active record in CI. So now it is doing a double escape.
Update: You may also want to try adding the following before you query:
$this->db->_protect_identifiers = FALSE;
Last try: try querying this way since it seems like the like active record is causing the error:
$like = $product->name;
$this->db->query("SELECT * FROM `products` WHERE `name` LIKE '%$like%'");
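For the product-name lookup discussed in this thread, an added example (not code from any of the posts) that passes the name as a bound parameter, so an apostrophe in "Harry's Book" never becomes part of the SQL text and no manual slash handling is needed. It assumes plain PDO with an in-memory SQLite database instead of CodeIgniter; the table contents and the helper names likeLiteral and countSimilar are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory table standing in for `products` (assumption: PDO + SQLite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)');
$insert = $pdo->prepare('INSERT INTO products (name) VALUES (?)');
foreach (["Harry's Book", "Harry's Book - 1", '100% Cotton', '100 Percent'] as $n) {
    $insert->execute([$n]);
}

/** Escape LIKE metacharacters so the value is matched literally ('!' is the escape char). */
function likeLiteral(string $value): string
{
    // strtr() replaces in a single pass, so inserted '!' characters are not re-escaped.
    return strtr($value, ['!' => '!!', '%' => '!%', '_' => '!_']);
}

/** Count products whose name contains $name; the value travels as a parameter, not as SQL. */
function countSimilar(PDO $pdo, string $name): int
{
    $stmt = $pdo->prepare("SELECT COUNT(*) FROM products WHERE name LIKE ? ESCAPE '!'");
    $stmt->execute(['%' . likeLiteral($name) . '%']);
    return (int) $stmt->fetchColumn();
}

// The apostrophe needs no escaping by the caller.
echo countSimilar($pdo, "Harry's Book"), " product(s) contain \"Harry's Book\"\n";
// A literal '%' in the name matches only names that really contain '%'.
echo countSimilar($pdo, '100%'), " product(s) contain \"100%\"\n";
```

The same pattern applies to CodeIgniter's own query bindings; what matters is that the driver receives the value separately from the statement.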

what is wrong with this sql query?

What is wrong with this SQL query? I can't figure it out.
$query = "SELECT *
FROM tagPairs
WHERE (tag1Id IN ($tag1Id, $tag2Id))
AND (tag2Id IN ($tag1Id, $tag2Id))";
error code:
Couldn't execute query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' ))
AND (tag2Id IN (, ))' at line 3
Thanks in advance!
$tag1Id and $tag2Id are both null, or empty strings. The simplest solution is probably to explicitly cast them into numerical values:
$tag1Id = intval($tag1Id);
$tag2Id = intval($tag2Id);
$query = "SELECT *
FROM tagPairs
WHERE (tag1Id IN ($tag1Id, $tag2Id))
AND (tag2Id IN ($tag1Id, $tag2Id))";
$tag1Id and $tag2Id are empty.
That's why your error says (tag2Id IN (, )).
Your $tag1Id and $tag2Id are empty strings. Assign a value to them and it should work fine.
Also, selecting * is a bad idea. Select the columns you need explicitly.
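Both this question and the first one on the page ($maxprice) fail because an empty variable is interpolated into the SQL string. The following added example (not code from any of the posts) validates each numeric input before the query is built and binds it as an integer, so an empty value is rejected in the application instead of producing malformed SQL or being silently coerced to 0. It assumes plain PDO with an in-memory SQLite database; the table rows and the function names requireInt and findPairs are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory table standing in for the question's tagPairs table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE tagPairs (tag1Id INTEGER, tag2Id INTEGER)');
$pdo->exec('INSERT INTO tagPairs VALUES (1, 2), (2, 1), (1, 3)');

/** Return $raw as an int, or throw if it is null, empty or not an integer. */
function requireInt(string $label, $raw): int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT);
    if ($value === false) {
        throw new InvalidArgumentException("$label must be an integer");
    }
    return $value;
}

/** Rows where both columns are one of the two tags; values are bound, never interpolated. */
function findPairs(PDO $pdo, $tag1Id, $tag2Id): array
{
    $a = requireInt('tag1Id', $tag1Id);
    $b = requireInt('tag2Id', $tag2Id);
    $stmt = $pdo->prepare(
        'SELECT tag1Id, tag2Id FROM tagPairs
          WHERE tag1Id IN (:a1, :b1) AND tag2Id IN (:a2, :b2)'
    );
    // Distinct placeholder names: not every PDO driver allows reusing a named parameter.
    foreach ([':a1' => $a, ':b1' => $b, ':a2' => $a, ':b2' => $b] as $name => $v) {
        $stmt->bindValue($name, $v, PDO::PARAM_INT);
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

echo count(findPairs($pdo, '1', '2')), " matching row(s)\n";
try {
    findPairs($pdo, '', '2');   // the empty-variable case from the questions
} catch (InvalidArgumentException $e) {
    echo 'rejected before any SQL ran: ', $e->getMessage(), "\n";
}
```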