php - SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax


I can't figure out what's wrong with my read method (dynamic prepared statement with PDO). Can someone point me in the right direction? I don't think I'm using reserved SQL words. Perhaps I'm missing quotes somewhere? I'm new to PDO.

This is the read method:

public function read($select_col, $table_name, $where, $where_condition=null, $where_compare=null, $other=null){

    //This method returns false if the # of $where key-value pairs doesn't match the # of $where_compare items.
    //If it works, it returns the fetchAll() result: an array of rows, each row an associative array.
    //If something failed, it returns the array of error messages instead.

    //$select_col can be an array or a variable (column names or "*")
    //$table_name is the table name
    //$where is an associative array whose keys are column names and whose values are the values to test against.
    //      The code below adds ":" in front of each key to make it a named parameter.
    //$where_condition holds the joiners between the $where items (ie. "and", "or")
    //$where_compare allows other comparisons (ie. "<" or ">"), one per $where item
    //$other is room for other stuff like "asc limit 1"
    $errors = array();
    //the SQL text starts with a literal " character here (and ends with one further down)
    $sql = '"select ';

    //if $select_col is an array, put commas after each item except the last one
    if(is_array($select_col)){
        $s_count = count($select_col);
        for($s=0; $s<$s_count; $s++){
            $sql .= $select_col[$s];
            if($s<($s_count-1)){
                $sql .= ", ";
            }
        }
    } else{
        $sql .= $select_col;
    }
    $sql .= " from " . $table_name;

    //if $where values are given, add them to the sql. named parameters are generated from the keys by adding ":" in front of each key
    if(!empty($where)){
        $w_count = count($where);
        //if there are $where_compare values, make sure they match the number of $where key-value sets.
        //if they don't match up, return false and stop.
        if(!empty($where_compare)){
            $wc_count = count($where_compare);
            if($w_count!=$wc_count){
                return false;
            }
        }
        $sql .= " where ";
        for($w=0; $w<$w_count; $w++){
            $sql .= key($where);
            if(!empty($where_compare)){
                $sql .= " " . $where_compare[$w] . " ";
            } else{
                $sql .= " = ";
            }
            //the placeholder is not quoted: ':name' inside quotes would be a string literal, not a parameter
            $sql .= ":" . key($where);
            next($where);
            if($w<($w_count-1)){
                if(empty($where_condition)){
                    $errors[] = "where condition(s) is/are missing (ie. and, or)";
                } else{
                    $sql .= " " . $where_condition[$w] . " ";
                }
            }
        }
    }

    //at this point, the $where keys and named parameters are set, or this section was skipped because there are no values
    if(!empty($other)){
        $sql .= " " . $other;
    }
    $sql .= '"';

    $stmt = $this->dbc->prepare($sql);
    if(!$stmt){
        //errorInfo() returns an array, so join it before appending; nothing can be bound without a statement
        $errors[] = "failed to prepare query. " . implode(" ", $this->dbc->errorInfo());
        return $errors;
    }
    foreach ($where as $key => $value) {
        $named_param = ":" . $key;
        //bindValue() expects the PDO constants themselves, not their names as strings
        if(is_numeric($value)){
            $type = PDO::PARAM_INT;
        } else{
            $type = PDO::PARAM_STR;
        }
        $stmt->bindValue($named_param, $value, $type);
    }
    $execute = $stmt->execute();
    if(!$execute){
        $errors[] = "query failed to execute. " . implode(" ", $stmt->errorInfo());
    }
    $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
    if(!empty($errors)){
        return $errors;
    } else{
        return $result;
    }
}

This is the authentication method that uses the read method:

public static function authenticate($username="", $pw=""){
    global $db;

    $hashed_pw = self::encrypt_pw($username, $pw);
    $where = array('username' => $username, 'pw' => $hashed_pw);
    $where_condition = array("and");

    $id = $db->read("user_id", "users", $where, $where_condition);
    if(is_numeric($id) && $id!=0){
        return true;
    } else{
        return false;
    }
}

Why do you have " in $sql = '"select '; and $sql .= '"';?

$sql is a string, if that's what you're trying to do. What you've done is add " literals before and after the actual select query. Removing them should solve the problem.
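
The answer's fix in a working builder, as an added example that is not part of the original post: the statement text carries no surrounding quote characters, placeholders are left unquoted, and table names, column names and operators (which cannot be bound as parameters) are checked against allowlists before being concatenated. The function name buildSelect, the allowlists and the in-memory SQLite table are assumptions made for illustration.

```php
<?php
// Added example. buildSelect(), the allowlists and the demo table are hypothetical.
function buildSelect(array $cols, string $table, array $where, array $ops = [], string $glue = 'AND'): array
{
    // Identifiers and operators cannot be bound as parameters, so allowlist them.
    $allowed = ['users' => ['user_id', 'username', 'pw']];
    $okOps   = ['=', '<', '>', '<=', '>=', '<>'];
    if (!isset($allowed[$table]) || !in_array($glue, ['AND', 'OR'], true)) {
        throw new InvalidArgumentException('table or joiner not allowed');
    }
    foreach (array_merge($cols, array_keys($where)) as $col) {
        if (!in_array($col, $allowed[$table], true)) {
            throw new InvalidArgumentException('column not allowed');
        }
    }
    $parts = [];
    foreach (array_keys($where) as $i => $col) {
        $op = $ops[$i] ?? '=';
        if (!in_array($op, $okOps, true)) {
            throw new InvalidArgumentException('operator not allowed');
        }
        $parts[] = "$col $op :$col"; // bare placeholder: ':col' in quotes would be a string literal
    }
    // No quote characters around the statement text itself.
    $sql = 'SELECT ' . implode(', ', $cols) . " FROM $table";
    if ($parts) {
        $sql .= ' WHERE ' . implode(" $glue ", $parts);
    }
    return [$sql, $where];
}

// Constructed demo data in an in-memory SQLite database (needs the pdo_sqlite extension).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT, pw TEXT)');
$pdo->exec("INSERT INTO users (username, pw) VALUES ('alice', 'constructed-hash')");

[$sql, $params] = buildSelect(['user_id'], 'users', ['username' => 'alice', 'pw' => 'constructed-hash']);
$stmt = $pdo->prepare($sql);
foreach ($params as $name => $value) {
    // Bind with the real PDO constants, not their names as strings.
    $stmt->bindValue(":$name", $value, is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR);
}
$stmt->execute();
echo $sql, PHP_EOL;
print_r($stmt->fetchAll(PDO::FETCH_ASSOC));
```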

