Robin de Cock - 4 months ago
PHP Question

error in SQL syntax, I can't find the error

I can't find the error after 3 hours of trying. Can someone help me?

This is my query:

$query = "INSERT INTO `card`(ProductName,ProductBarcode,ProductPakking,ProductPresent,ProductMinimuim,FotoUrl,DBid) SELECT * FROM (SELECT '" . $ProductName . "','" . $ProductBarcode . "','" . $ProductPakking . "','" . $ProductPresent . "','" . $ProductMinimuim . "','" . $FotoUrl . "','" . $DBid ."') AS tmp WHERE NOT EXISTS (SELECT name FROM `card` WHERE `ProductName` = " . $ProductName . ",`ProductBarcode` = " . $ProductBarcode . ",`ProductPakking` = " . $ProductPakking . ",`ProductPresent` = " . $ProductPresent . ",`ProductMinimuim` = " . $ProductMinimuim . ",`FotoUrl` = " . $FotoUrl . ",`DBid` = " . $DBid ." ) LIMIT 1;";


This is what I get when I echo my query:

INSERT INTO `card`(ProductName,ProductBarcode,ProductPakking,ProductPresent,ProductMinimuim,FotoUrl,DBid)
SELECT * FROM (
SELECT 'brood','8717333541583','zak','-1937','11','img/img.svg','3') AS tmp
WHERE NOT EXISTS (
SELECT name FROM `card` WHERE
`ProductName` = 'brood',
`ProductBarcode` = '8717333541583',
`ProductPakking` = 'zak',
`ProductPresent` = '-1937',
`ProductMinimuim` = '11',
`FotoUrl` = 'img/img.svg',
`DBid` = '3' )
) LIMIT 1



Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' ProductBarcode = , ProductPakking = , ProductPresent = , ProductMinimuim = ' at line 1

Answer

I'm assuming $ProductName is not an integer, so you'd need to include that in quotes here:

WHERE `ProductName` = '" . $ProductName . "'

Also, please note, you SHOULD NOT be concatenating variables into a string like that. Please see this post for info about how bad this is.

An updated SQL statement (PLEASE DON'T USE THIS, BIND VARIABLES INSTEAD):

INSERT INTO `card`(ProductName,ProductBarcode,ProductPakking,ProductPresent,ProductMinimuim,FotoUrl,DBid)
SELECT * FROM (
    SELECT '" . $ProductName . "','" . $ProductBarcode . "','" . $ProductPakking . "','" . $ProductPresent . "','" . $ProductMinimuim . "','" . $FotoUrl . "','" . $DBid ."') AS tmp
WHERE NOT EXISTS (
    SELECT ProductName FROM `card` WHERE
        `ProductName` = '" . $ProductName . "' AND
        `ProductBarcode` = '" . $ProductBarcode . "' AND
        `ProductPakking` = '" . $ProductPakking . "' AND
        `ProductPresent` = '" . $ProductPresent . "' AND
        `ProductMinimuim` = '" . $ProductMinimuim . "' AND
        `FotoUrl` = '" . $FotoUrl . "' AND
        `DBid` = '" . $DBid ."'
) LIMIT 1;
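
The answer's advice to bind variables, shown as an added example (not code from the question or the answer). It assumes PDO with an in-memory SQLite database so it runs offline; the function name insertCardIfMissing and the sample rows are constructed for illustration.

```php
<?php
// Added example. Assumption: PDO + SQLite in memory; for MySQL only the DSN
// changes, and on MySQL versions that reject WHERE without FROM, add FROM DUAL.

// Column names are a fixed list in code, never taken from user input.
$cols = ['ProductName', 'ProductBarcode', 'ProductPakking', 'ProductPresent',
         'ProductMinimuim', 'FotoUrl', 'DBid'];

// Hypothetical helper: inserts the row only if an identical row is absent.
// Returns the number of rows actually inserted.
function insertCardIfMissing(PDO $pdo, array $cols, array $values): int
{
    $marks = implode(', ', array_fill(0, count($cols), '?'));
    // Conditions are joined with AND; the commas in the question's WHERE
    // clause are not valid SQL there.
    $match = implode(' AND ', array_map(fn($c) => "`$c` = ?", $cols));
    $sql = 'INSERT INTO `card` (' . implode(', ', $cols) . ') '
         . "SELECT $marks WHERE NOT EXISTS (SELECT 1 FROM `card` WHERE $match)";

    $stmt = $pdo->prepare($sql);
    // Values travel separately from the SQL text, so quotes or SQL fragments
    // inside them are stored as data. Each value is bound twice: once for the
    // SELECT list, once for the NOT EXISTS comparison.
    $stmt->execute(array_merge($values, $values));
    return $stmt->rowCount();
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE card (' . implode(' TEXT, ', $cols) . ' TEXT)');

// Constructed sample input.
$rows = [
    ['brood', '8717333541583', 'zak', '-1937', '11', 'img/img.svg', '3'],
    ['brood', '8717333541583', 'zak', '-1937', '11', 'img/img.svg', '3'], // exact duplicate
    ["bakker's brood", '8717333541583', 'zak', '5', '11', 'img/img.svg', '3'], // embedded quote
    ["x'); DROP TABLE card; --", '0', 'zak', '0', '0', 'img/img.svg', '3'],  // SQL-looking text
];

foreach ($rows as $row) {
    $n = insertCardIfMissing($pdo, $cols, $row);
    echo ($n ? 'inserted: ' : 'skipped:  ') . $row[0] . "\n";
}
echo 'rows in card: ' . $pdo->query('SELECT COUNT(*) FROM card')->fetchColumn() . "\n";
```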