1. 技术文章
  2. SQL syntax error MariaDB server version for the right syntax to use near 'WHERE ID = 4' at line 1

SQL syntax error MariaDB server version for the right syntax to use near 'WHERE ID = 4' at line 1

拈花ヽ惹草 提交于 2020-01-01 00:43:42

问题


I have this line of SQL:

$sql = "SELECT ID, ListStID, ListEmail, Title FROM $entry_database 
        WHERE ID = '". $ReqBookID ."'";
$result = mysqli_query($conn, $sql);

As you can see, I am selecting an entry's ID, ListStID, ListEmail and Title Column if ID is equal to a string of numbers (or text), which is given by user in a form.

Everything is ok, and I don't get any syntax error when I write the code (I am using a code editor software. However, when I use it online, I get this error:

Error: SELECT ID, ListStID, ListEmail, Title FROM WHERE ID = '4' You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE ID = '4'' at line 1

I am very new to PHP, and I'm sure I am either adding extra ' or ", so I would really appreciate it if you could help me with this issue. I have tried the answers for similar questions, but no success yet.

UPDATE 1:

So thanks to all those who pointed it out, I fixed the $entry_database error, and and it's working properly now.

Many MANY Thanks for all the efforts you made.


回答1:


You have empty $entry_database variable. As you see in error: ListEmail, Title FROM WHERE ID bewteen FROM and WHERE should be name of table. Proper syntax of SELECT:

SELECT columns FROM table [optional things as WHERE/ORDER/GROUP/JOIN etc]

which in your way should become:

SELECT ID, ListStID, ListEmail, Title FROM some_table_you_got WHERE ID = '4'



回答2:


Assign the table name to the variable $entry_database before:

$entry_database = "my_table"; // as an example
$sql = "SELECT ID, ListStID, ListEmail, Title FROM $entry_database ....";

Regarding the WHERE-Statement you should also learn about SQL Injection: http://php.net/manual/en/security.database.sql-injection.php

Make your script more safe.




回答3:


You're missing your database name:

$sql = "SELECT ID, ListStID, ListEmail, Title FROM ".$entry_database." WHERE ID = ". $ReqBookID .";

And make sure that $entry_database isn't null or empty:

var_dump($entry_database);

Also notice that you don't need to have $ReqBookID in '' as if it's an Int.



来源:https://stackoverflow.com/questions/27302605/sql-syntax-error-mariadb-server-version-for-the-right-syntax-to-use-near-where

标签
php
mysql
sql
mysqli
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!