Home Parsing MySQL prepare statement
Reply: 1

Parsing MySQL prepare statement

Flemming Lemche
1#
Flemming Lemche Published in 2018-01-13 13:13:01Z

I'm trying to create a general insert/update function but I'm getting an error on the parsing statement.

First i create the Update and Insert string

$update = '$wpdb->prepare("UPDATE '. $dbTable. ' SET Distance = %d WHERE Date = %s AND UserID = %d", '. $distance. ', '. $today. ', '. $userID. ')';
$insert = '$wpdb->prepare("INSERT INTO '. $dbTable. ' (Distance, Date, UserID) VALUES (%d,%s,%d)", '. $distance. ', '. $today. ', '. $userID. ')';

When I echo this it looks okay:

$wpdb->prepare("INSERT INTO hfwp_Balance_Arm_Reach (Distance, Date, UserID) VALUES (%d,%s,%d)", 50, 2018-01-13, 29)

But when I pass it to my function I get a syntax error.

function hfwp_SaveFormData($update, $insert, $userID, $today, $dbTable)
{
  global $wpdb;
  $wpdb->show_errors();

  $sql = $wpdb->prepare("SELECT COUNT(*) UserID FROM $dbTable WHERE Date = %s AND UserID = %d", $today, $userID );
  $count = $wpdb->get_var($sql);

  if ($count > 0)
  {
    if (strpos($update, '$wpdb->prepare(' ) === 0) {

        $wpdb->query($update);

        if ($wpdb->last_error != "") {
            $error = $wpdb->last_error;
            hfwp_Log_Errors($update, $userID, $today, $error);
        }
    }

  }else{
    if (strpos($insert, '$wpdb->prepare(' ) === 0) {

        $wpdb->query($insert);

        if ($wpdb->last_error != "") {
            $error = $wpdb->last_error;
            hfwp_Log_Errors($insert, $userID, $today, $error);
        }
    }
}

}

Error:

<div id="error"><p class="wpdberror"><strong>WordPress databasefejl:</strong> [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 

&#039;$wpdb-&gt;prepare(&quot;INSERT INTO hfwp_Balance_Arm_Reach (Distance, Date, UserID) VALU&#039; at line 1]<br /><code>$wpdb-&gt;prepare(&quot;INSERT INTO hfwp_Balance_Arm_Reach (Distance, Date, UserID) VALUES (%d,%s,%d)&quot;, 50, 2018-01-13, 29)</code></p></div>

<div id="error"><p class="wpdberror"><strong>WordPress databasefejl:</strong> [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near &#039;$wpdb-&gt;prepare(&quot;INSERT INTO hfwp_Balance_Arm_Reach (Distance, Date, UserID) VALU&#039; at line 1]<br /><code></code></p></div>

Is it not possible to parse a SQL statement including the prepare "$wpdb->prepare" or am I missing something in my statement ???

jasinth premkumar
2#
jasinth premkumar Reply to 2018-01-13 13:36:11Z

remove '' in update and insert

$update = $wpdb->prepare("UPDATE '. $dbTable. ' SET Distance = %d WHERE Date = %s AND UserID = %d, '. $distance. ', '. $today. ', '. $userID. '");
$insert =$wpdb->prepare("INSERT INTO '. $dbTable. ' (Distance, Date, UserID) VALUES (%d,%s,%d)", '. $distance. ', '. $today. ', '. $userID.'");

and execute in funtion like this $update->execute()

you received syntx error because $update contains string not query in your code here

$wpdb->query($update);

$update contains'$wpdb->prepare("UPDATE '. $dbTable. ' SET Distance = %d WHERE Date = %s AND UserID = %d", '. $distance. ', '. $today. ', '. $userID. ')'; \

echen you print $update it will print the value of update which your prepare statement.

for e.g $R='priot()'; do you think this will execute, it won't $R contain value i.e priot() not tha return value of priot()

learn here

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.338443 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO