I am trying to see if there is an existing row in my sqlite database and if not add it. But something is wrong with my query. I hope someone can spot my error.
Specifically I thin the error is in the query line:
$query = 'SELECT * FROM plant WHERE common_Name = '. $commonName . ' AND latin_Name = '. $latinName . 'AND url = '. $URL ;
Thank you,
Todd
// set path of database file
$file = "db/plants.db";
// create database object
$db = new SQLiteDatabase($file) or die("Could not open database");
// see if the EXACT same tag exists
$query = 'SELECT * FROM plant WHERE common_Name = '. $commonName . ' AND latin_Name = '. $latinName . 'AND url = '. $URL ;
$result = $db->query($query) or die("Error in query");
$rows = sqlite_num_rows($result);
if($rows>0) return; //do not add it
// generate query string
$query = 'INSERT INTO plant (common_Name, latin_Name, url) VALUES("'.$commonName.'","'. $latinName.'","'.$URL.'")';
// execute query
// return result object
$result = $db->query($query) or die("Error in query");
// destroy database object
unset($db);
You’re missing quotes in your SELECT query, so it’s failing.
Note the indicated quote changes and formatting differences. As well, unless you’ve done it somewhere else outside of your code snippet, be aware that this type of query construction is vulnerable to SQL injection attacks, and you should read up and learn about those before you go any farther with this code.
Next time you put in an error handler (kudos for checking the return value, by the way), don’t just output a static “Something went wrong” error message. That’s useless for diagnostics. The database can tell you exactly what went wrong, so output the DB’s error message instead, e.g.
sqlite_error_message().