Home/ Questions/Q 7760293
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T13:50:57+00:00

I am using it to do with PHP. ERROR:- You have an error in

  • 0

I am using it to do with PHP.

ERROR:-

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

EDIT 1:

$SQLQUERY = sprintf("SELECT pd_serial FROM product_details WHERE pd_model_type=%s AND pd_model_name=%s AND pd_model_version=%s AND pd_product_group=%s LIMIT 1",
GetSQLValueString($modeltype, "text"),
GetSQLValueString($modelname, "text"),
GetSQLValueString($modelversion, "text"),
GetSQLValueString($modelgroup, "text"));
$QUERYEXEC =  mysql_query($SQLQUERY, $dacreint) or die("OOPS! Please try again.");

while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
{
    $pdserial = $QUERYFETCH['pd_serial'];
}

EDIT 2:

while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
{
    $pdserial = $QUERYFETCH['pd_serial'];
}
$SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = '$product_serial_no'");
$TCcount_QE = mysql_query($SQLQUERY, $dacreint) or die(mysql_error());
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should put strings within single quotes. And make sure you have escaped those string values using mysql_real_escape_string() or similar function

    SELECT pd_serial FROM product_details WHERE (pd_model_type='%s' AND pd_model_name='%s') AND (pd_model_version='%s' AND pd_model_group='%s') LIMIT 1

    UPDATE 1

                while ($QUERYFETCH = mysql_fetch_array($QUERYEXEC))
            {
                $pdserial = $QUERYFETCH['pd_serial'];
            }
    // let's comment out the following line
        //    $SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = '$product_serial_no'");
// and modifying it as:
            $SQLQUERY = sprintf("SELECT product_serial_no FROM products WHERE product_serial_no = %s", GetSQLValueString($product_serial_no, "text"));
            $TCcount_QE = mysql_query($SQLQUERY, $dacreint) or die(mysql_error());
    • 0