SQL/Laravel is not quoting text fields when building a query

Question

UPDATED

I am new to Laravel and tried to test this demo https://github.com/laravel-json-api/laravel on my local Mac after installing ddev, Docker and MAMP. The problem is that the code (that I didn't write, I just downloaded without making any changes) is executing a SELECT trying to find a user with that email address but, apparently, Laravel builds the SQL sentence removing the quotes when adding the content for the field "email".

This is the error message that I get on the browser:

SQLSTATE[HY000] [2002] No such file or directory (SQL: select * from `users` where `email` = frankie@example.com limit 1)

I use MySQL 5.7.32 and the DB collation is utf8_general_ci.

The error show in the browser when the exception is caught is:

/var/www/html/vendor/laravel/framework/src/Illuminate/Database/Connection.php

     * @param  array     $bindings
     * @param  \Closure  $callback
     * @return mixed
     *
     * @throws \Illuminate\Database\QueryException
     */
    protected function runQueryCallback($query, $bindings, Closure $callback)
    {
        // To execute the statement, we'll simply call the callback, which will actually
        // run the SQL against the PDO connection. Then we can calculate the time it
        // took to execute and log the query SQL, bindings and time in our memory.
        try {
            $result = $callback($query, $bindings);
        }
 
        // If an exception occurs when attempting to run a query, we'll format the error
        // message to include the bindings with SQL, which will make this exception a
        // lot more helpful to the developer instead of just the database's errors.
        catch (Exception $e) {
            throw new QueryException(
                $query, $this->prepareBindings($bindings), $e
            );
        }
 
        return $result;
    }
 
    /**
     * Log a query in the connection's query log.
     *
     * @param  string  $query
     * @param  array   $bindings
     * @param  float|null  $time
     * @return void
     */
    public function logQuery($query, $bindings, $time = null)
    {
        $this->event(new QueryExecuted($query, $bindings, $time, $this));
 
        if ($this->loggingQueries) {

*Arguments

"SQLSTATE[HY000] [2002] No such file or directory (SQL: select * from `users` where `email` = frankie@example.com limit 1)"*

This is the database.php config for the demo project:

database.php demo:

'mysql' => [
            'driver' => 'mysql',
            'host' => env('DB_HOST', '127.0.0.1'),
            'port' => env('DB_PORT', '8889'),
            'database' => env('DB_DATABASE', 'forge'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'unix_socket'   => '/Applications/MAMP/tmp/mysql/mysql.sock',
            'charset' => 'utf8mb4',
            'collation' => 'utf8mb4_unicode_ci',
            'prefix' => '',
            'strict' => true,
],

MySQL listens on port 8889

Anyone has experienced a similar situation?

Thanks

Answer 1

Your problem is not the quotes, there's something wrong with the SQL server internally.

Regarding the quotes: When using the standard eloquent methods, query parameters will be sent to the server using prepared statements. This is very save and the no need four adding quotes. Internally the server handles the parameters correctly.

Whenever an error occurred, the server outputs the pure, unquoted data of received from the prepared statement. This indeed is a bit misleading, but it's not an error.

Answer 2

I closed this question as it is not related to how Laravel builds the SQL sentence. It is about an error trying to connect to MySQL from any PHP code on MAMP. See my new question here Error: 200 Connection refused on PHP connecting to MySQL running on MAMP

Answer 3

Such an error may occur when accidentaly we are passing in fields that don't match our Model's fields