1

So I am using php to upload a csv file into an array, de-dupe it, clean it and insert data into a mysql table.

The table (inboundnew) has 9 fields, one date, one varchar, and 7 integer. The script processes the file as requested, and builds an 'insert command into a string' which I then run with: 

$result=  mysql_query($string) or die(mysql_error())

The insert string outputs as:

insert into inboundnew 
(ndate,branch,ans,unans,voice,unqueued,actioned,unactioned, total) 
values 
("2000-01-01","Name of Customer",0,0,0,0,0,0,0);

It is giving me the following error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Yet when I run the string through phpmyadmin, it inserts perfectly.

Would be extremely grateful if anyone has any idea what could be going wrong here.

OK - so after two days of banging my brains out on this, I am still having the problem.

I have posted below the code that I run to build the string which I then run in the query. It out puts no apostrophes and yet I am still getting the MySQL error. Apologies if the code is not formatted properly - I am unsure as how to do this here. I have uploaded and opened the CSV file...

while(!feof($file)) { $lines[] = fgets($file); } $clean=array();

$clean = array_unique($lines);//remove duplicates

$count=0;
$string="insert into inboundnew (date,branch,ans,unans,voice,unqueued,actioned,unactioned,total) values            ";

//now write to table - skipping first 2 lines

enter code here

if ($count > 1) {


        $parts=explode(',', $val);
        $a=$parts[0];//ignore this field
        $b=$parts[1];//ignore this field)
        if ($b>""){ //ignore if blank line
            $salon=$parts[2];
            $ans=$parts[3];
            $missed=$parts[4];
            $voice=$parts[5];
            $unq=$parts[6];
            $act=$parts[7];
            $unact=$parts[7];
            $total=$parts[8];
            $date=$date;
            $string .=    '("'.$date.'","'.$salon.'",'.$ans.','.$missed.','.$voice.','.$unq.','.$act.','.$unact.','.$total.'),'. PHP_EOL;
    }
}
$count++;
}
//now remove last comma
$strlen= strlen($string);
$string=  substr($string,0, $strlen-2);

This builds the string which fails in the script, but works in PhpMyAdmin and outputs the syntax error

Chris Dav
  • 71
  • 1
  • 8
  • That means you have some string parsing error. Be sure that you have used quotes correctly. `"insert into xx (a,b,c,d) values ('$a','$b','$c','$d')"` – Bhavesh G Jul 19 '15 at 07:52
  • I am sure that you are right, but it looks perfect at the moment. I have checked it so many times ... I am going to have to take myself away from it for a while. – Chris Dav Jul 19 '15 at 08:08
  • 1
    Your error message says that the error occurs when it hits two apostrophe characters. Your string doesn't have any apostrophes in it. You are looking at the wrong SQL. – Quentin Jul 19 '15 at 09:17
  • 1
    **Warning**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). – Quentin Jul 19 '15 at 09:19
  • What is `$string`? Please post some more code. – klenium Jul 19 '15 at 09:19
  • Please consider putting your code here. – Bhavesh G Jul 19 '15 at 09:25
  • 1
    did you check this [mysql-the-right-syntax-to-use-near-at-line-1-error](http://stackoverflow.com/questions/11155489/mysql-the-right-syntax-to-use-near-at-line-1-error) previous post? – Wee Zel Jul 19 '15 at 09:58
  • Wee Zel - it is something to do with this. I am closer now - thank you. – Chris Dav Jul 19 '15 at 10:19
  • Quentin - am now using PDO as per your suggestion - thank you. (still same problem with the apostrophes 'tho). I cannot see where they are coming from. – Chris Dav Jul 19 '15 at 10:32

2 Answers2

0

Escape string values using mysql_real_escape_string.

Example:

$name = mysql_real_escape_string($name);
$sql = "insert into test (name) values ('$name')";
akond
  • 15,865
  • 4
  • 35
  • 55
Samir Selia
  • 7,007
  • 2
  • 11
  • 30
0

Confirm data type of columns. If its string, value should enclosed in double or single quotes.

hakhiste
  • 123
  • 1
  • 6