meaning mysql error

[WesleyA]

I get an error code

           You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near

I found this is error 1149 ? is that right?

 

I'm looking for the meaning of this error.

 

What is the reason I'm having this? Does it mean the mysq code in my php script is wrong? Is a solution changing the MYSQL line or can the error also be made in the php part of the script?

[dsonesuk]

You have a SQL syntax error, showing us your SQL would help.

[WesleyA]

I made query with a variable

     $sql = "INSERT INTO $tab (var1, var2) VALUES ('$var4', '$var3')" ; 

Is it true that if $tab doesnt have a value, the error code mentioned above is given?

Edited July 12, 2015 by WesleyA

[dsonesuk]

Well yea, place the code for inserting values in table within a if condition that checks to make sure $tab is not empty.

if(!empty($tab)){Insert into table code...}

[dauruk0512]

Just asking

 

1. Why you put table name inside variable ?
2. if $tab doesnt have a value <--what this mean ?

[WesleyA]

 

Just asking

 

1. Why you put table name inside variable ?
2. if $tab doesnt have a value <--what this mean ?

 

 

1) I want to know it. It is for my script. The users are allowed to make a table

 

2) I asked that to find out if there could be an error report IF $tab was empty.

[WesleyA]

To read data from an input field yoiu use post (method post) and it can be used to put it on screen in the browser with ech or with var_dump.

 

Using this variable again and using PHP to instruct MYSQL in this way

    $sql = "INSERT INTO $tab (var1, var2) VALUES ('$var4', '$var3')" ; 

doesnt seem to work.

 

Is it necessary to use other PHP commands to put a variable like $tab into a MYSQl query?

[dsonesuk]

Try

$sql = "INSERT INTO `$tab` (var1, var2) VALUES ('$var4', '$var3')"; //using backticks for table nameOR$sql = "INSERT INTO `".$tab."` (var1, var2) VALUES ('".$var4."', '".$var3."')"; //using backticks for table name

[WesleyA]

I think the mistake is that the $tab is empty when I embed in in a condition. I can check that with var_dump or echo.

 

I was not 100% certain about that but it might be. So I asked this question what the errorcode could be if $tab would be empty in the php/mysql query I posted.

Edited July 29, 2015 by WesleyA

[dsonesuk]

That is why you should check if any these variables are empty, because the SQL is expecting these, without any of these missing the sql syntax we be wrong, and a error is produced.

 

basic setup, need code for sanitization to prevent sql injection

$tab="";$var3="";$var4="";$tab=$_POST['tab'];$var3=$_POST['var3'];$var4=$_POST['var4'];if(!empty($tab) && !empty($var3) && !empty($var4)){$sql = "INSERT INTO `$tab` (var1, var2) VALUES ('$var4', '$var3')"; //using backticks for table name}else{echo "Error Not All the variables have a value"; }

[WesleyA]

Now I got an errormessage saying Undefined index: forminput

$tab = $_POST['forminput']

when is this error given? Can I use it only once? (as i used it before wih succes)

[dsonesuk]

Ok try

$tab=""; $var3=""; $var4=""; if(isset($_POST['tab'])){$tab=$_POST['tab']; }if(isset($_POST['var3'])){$var3=$_POST['var3']; }if(isset($_POST['var4'])){$var4=$_POST['var4']; }if(!empty($tab) && !empty($var3) && !empty($var4)) { $sql = "INSERT INTO `$tab` (var1, var2) VALUES ('$var4', '$var3')"; //using backticks for table name } else { echo "Error Not All the variables have a value"; }

The problem was if 'forminput' is not set on submission, $_POST['forminput'] using index of 'forminput' would not exist and no index error is shown, it now checks if it exist and then assigns it to a variable, it then check if value is not empty as in "" before allowing to insert into table else it will show missing variable value error.

[WesleyA]

Ok try

$tab=""; $var3=""; $var4=""; if(isset($_POST['tab'])){$tab=$_POST['tab']; }if(isset($_POST['var3'])){$var3=$_POST['var3']; }if(isset($_POST['var4'])){$var4=$_POST['var4']; }if(!empty($tab) && !empty($var3) && !empty($var4)) { $sql = "INSERT INTO `$tab` (var1, var2) VALUES ('$var4', '$var3')"; //using backticks for table name } else { echo "Error Not All the variables have a value"; }

The problem was if 'forminput' is not set on submission, $_POST['forminput'] using index of 'forminput' would not exist and no index error is shown, it now checks if it exist and then assigns it to a variable, it then check if value is not empty as in "" before allowing to insert into table else it will show missing variable value error.

 

Yeah

 

But do I have to set it twice then?

 

As I told before. The form input is another script.

 

First I use this form input and make the user choose the table.

 

Now I want the choice the user made first printed on the screen. Then this choice should be used in the SQL code.

 

But on the new screen the user can also choose five values.

 

Here it stucks, when I use an if condition.

 

It is the same if condition as when I echo it on the screen.

 

But embedded or wrapped around the existing if condition concerning SQL code for adding the values to the table seems to demand another if condition.

 

I don't understand for what reason PHP works this way?

[Ingolme]

That's not PHP's fault. If you didn't actually give it any data to work with, it's not going to know what to do.

[WesleyA]

No!

 

forget the word fault.

 

 

It has to do with wanting to understand how PHP works.

 

 

But back to the issue: how should I instruct PHP how to process the data that I have retrieved once for echoing, for the second time in an SQL command?

[justsomeguy]

PHP does exactly what you tell it to do. It does very little by itself, apart from basic things like automatically processing form data to allow you to access it in $_GET or $_POST. Everything else, you're telling it what to do.If you're talking about code on different pages then you have to write it twice. PHP code in one page is not connected with another page unless you do things yourself to move that data or state to the other page, like store data in the session.