MySQL error

Jordan79 · 04-03-2008 07:21PM #1

Error:
Unknown column 'Jordan' in 'where clause'

My code:

$v=UPLOAD_DIR.$_SESSION.'/'.$now.$_SESSION.'-'.$file;

//copy image to database

$sql = "SELECT user_id FROM user WHERE username = ".$_SESSION."";
$queryresult = mysql_query($sql)
or die (mysql_error());
if (mysql_num_rows($queryresult) > 0) {
$row=mysql_fetch_assoc($queryresult);
$userid=$row;
}

$resins=mysql_query("INSERT INTO gallery (user_id, image_name) VALUES ($userid,'$v'")
or die("Error in INSERT: ".mysql_error());

The only place I can see it is getting the name 'Jordan' is from the session name .$_SESSION.

Can anyone help with this...

seamus · 04-03-2008 08:16PM

This line here:
$sql = "SELECT user_id FROM user WHERE username = ".$_SESSION."";

Is generating a line like

SELECT user_id FROM user WHERE username = Jordan;

Strings need to be enclosed in Single quotes, so the above should look like:

SELECT user_id FROM user WHERE username = 'Jordan';

Jordan79 · 04-03-2008 08:24PM

Thanks Seamus.
I have been working on my code:

[PHP]$sql = "SELECT `user_id` FROM `user` WHERE `username` = '".$_SESSION."'";
$queryresult = mysql_query($sql)
or die (mysql_error());
if (mysql_num_rows($queryresult) > 0) {
$row=mysql_fetch_assoc($queryresult);
$userid=$row;
}

$resins=mysql_query("INSERT INTO gallery ('user_id', 'image_name') VALUES ($userid,'$v')")
or die("Error in INSERT: ".mysql_error());[/PHP]

But now getting this error:
""Error in INSERT: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''user_id', 'image_name') VALUES ('5','C:\htdocs\PhotoABC\upload_test\Jordan/2008' at line 1"

I think I am nearly there because my VALUES seem correct when listed in the error but again I think I have a syntax error.
Wonder do u have any idea?

Jordan79 · 04-03-2008 08:28PM

Its working now
Thanks for all your help
Here is the working code

[PHP]$sql = "SELECT `user_id` FROM `user` WHERE `username` = '".$_SESSION."'";
$queryresult = mysql_query($sql)
or die (mysql_error());
if (mysql_num_rows($queryresult) > 0) {
$row=mysql_fetch_assoc($queryresult);
$userid=$row;
}

$resins=mysql_query("INSERT INTO gallery (`user_id`, `image_name`) VALUES ('$userid','$v')")
or die("Error in INSERT: ".mysql_error());[/PHP]

Column names have to be ` and not '
Found it in a book I have

dzy · 04-03-2008 08:30PM

You don't have to quote the field names in the SQL.

So it would be

[COLOR=#000000][COLOR=#dd0000]"INSERT INTO gallery (user_id, image_name) VALUES ($userid,'$v')"[/COLOR][/COLOR]

Webmonkey · 04-03-2008 08:33PM

dzy wrote: »
You don't have to quote the field names in the SQL.

So it would be
[COLOR=#000000][COLOR=#dd0000]"INSERT INTO gallery (user_id, image_name) VALUES ($userid,'$v')"[/COLOR][/COLOR]

Yep it safer not to have anything around the column/field names. Very hard to see different between a ` and a ' sometimes - and could drive you mad!

Jordan79 · 04-03-2008 08:39PM

Yeah I had it tried a lot of ways but kept getting syntax errors. It works now so think I will just go with it.
I have all my DB storage PHP written now so I am happy

oh all this code is for my college project so thanks again for all the help

sh_o · 04-03-2008 11:17PM

debugging tip..... What can help when doing these types of things is to output the $sql part in the die statement so when looking at the sql that is produced, you can copy and paste this into a sql worksheet.

Webmonkey · 04-03-2008 11:32PM

sh_o wrote: »

debugging tip..... What can help when doing these types of things is to output the $sql part in the die statement so when looking at the sql that is produced, you can copy and paste this into a sql worksheet.

[php]mysql_query(.......) or die (mysql_errorno())[/php] - Yep useful alright

Bluefrog · 05-03-2008 01:18AM

I actually think it can be helpful to quote the field names even though it's not required - it stops you generating errors if you accidentally use reserved keywords as column names.

MySQL error

Comments