PHP Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax

Question

I am creating a separate page in my portal from where i can upload the images to my database. but while submitting the image i am getting the following Error:

"error in INSERT into 'images_tbl' ('images_path','submission_date') VALUES ('images/24-01-2016-1453612538.jpg','2016-01-24') You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''images_tbl' ('images_path','submission_date') VALUES ('images/24-01-2016-14' at line 1"

I am getting this error in my saveimage.php file. Why exactly this error is?

Here is my HTML code:

<html>
<head>
<title>Image Upload</title>
</head>
<body>
<form action="saveimage.php" enctype="multipart/form-data" method="post">
<table style="border-collapse: collapse; font: 12px Tahoma;" border="1" cellspacing="5" cellpadding="5">
    <tbody>
    <tr>
        <td>
            <input name="uploadedimage" type="file">
        </td>
    </tr>

    <tr>
        <td>
            <input name="Upload Now" type="submit" value="Upload Image">
        </td>
    </tr>
    </tbody>
</table>
</form>
</body>
</html>

PHP code of my saveimage.php file:

<?php
include("mysqlconnect.php");

    function GetImageExtension($imagetype)
    {
       if(empty($imagetype)) return false;
       switch($imagetype)
       {
           case 'image/bmp': return '.bmp';
           case 'image/gif': return '.gif';
           case 'image/jpeg': return '.jpg';
           case 'image/png': return '.png';
           default: return false;
       }
    }

if (!empty($_FILES["uploadedimage"]["name"])) {

    $file_name=$_FILES["uploadedimage"]["name"];
    $temp_name=$_FILES["uploadedimage"]["tmp_name"];
    $imgtype=$_FILES["uploadedimage"]["type"];
    $ext= GetImageExtension($imgtype);
    $imagename=date("d-m-Y")."-".time().$ext;
    $target_path = "images/".$imagename;

if(move_uploaded_file($temp_name, $target_path)) {

    $query_upload="INSERT into 'images_tbl' ('images_path','submission_date') VALUES ('".$target_path."','".date("Y-m-d")."')";

    mysql_query($query_upload) or die("error in $query_upload ".mysql_error());  

}else{
   exit("Error While uploading image on the server");
} 
}
?>

Code of my mysqlconnect.php file is:

<?php
/**********MYSQL Settings****************/
$host="localhost";
$databasename="demo";
$user="root";
$pass="";
/**********MYSQL Settings****************/

$conn=mysql_connect($host,$user,$pass);

if($conn)
{
$db_selected = mysql_select_db($databasename, $conn);
if (!$db_selected) {
    die ('Can\'t use foo : ' . mysql_error());
}
}
else
{
    die('Not connected : ' . mysql_error());
}
?>

$query_upload="INSERT into images_tbl ('images_path','submission_date') VALUES ('".$target_path."','".date("Y-m-d")."')"; — Alive to die - Anant, Jan 24 '16 at 06:48
@GeraldSchneider I removed quotes and used images_tbl instead of 'images_tbl' but that also gives me the same error. — Dilip Kumar Yadav, Jan 24 '16 at 06:49
Also note that the `mysql_*` functions are deprecated and no longer exist in PHP7. Don't use them, use mysqli or PDO instead. — Gerald Schneider, Jan 24 '16 at 06:49
@A-2-A i created database "demo" and created table "images_tbl" using the query: CREATE TABLE images_tbl( images_id INT NOT NULL AUTO_INCREMENT, images_path VARCHAR(200) NOT NULL, submission_date DATE, PRIMARY KEY (images_id) ); — Dilip Kumar Yadav, Jan 24 '16 at 06:52

score 2 · Accepted Answer · edited May 23 '17 at 11:59

2

Remove single quotes from your table name and column names, use backticks instead. So your query should be like this:

$query_upload="INSERT into `images_tbl`(`images_path`,`submission_date`) VALUES ('".$target_path."','".date("Y-m-d")."')";

Sidenote: Don't use mysql_* functions, they are deprecated as of PHP 5.5 and are removed altogether in PHP 7.0. Use mysqli or PDO instead. And this is why you shouldn't use mysql_* functions.

edited May 23 '17 at 11:59

Community

1
1

answered Jan 24 '16 at 07:03

Rajdeep Paul

16,887
3
18
37

Yupp this worked. thanks alot. Learned new concept. – Dilip Kumar Yadav Jan 24 '16 at 15:47

PHP Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax

1 Answers1