Welcome Guest, Not a member yet? Register   Sign In
[SOLVED] Syntax Error: You have an error in your SQL syntax;
#11

[eluser]rm_beginner[/eluser]
[quote author="rm_beginner" date="1403705673"]put your sql query into a variable.

$sql="your sql statement........."
then
die($sql);

then give me the output.


before you run... $this->db->query($sql);
[/quote]

your error is SQL syntax not CI. that is the reason we want to know the output of your query. then manually you have to run that SQL query in your database program. phpmyadmin or navicat or mysql command line. you have to find a way how you debug your program and that is my suggestion.
#12

[eluser]riwakawd[/eluser]
[quote author="CroNiX" date="1403709017"]Looking at the query it should be evident that there are double single quotes around the things you are escaping. escape() adds the quotes, so you don't manually need to.
Code:
username = ''admin''
etc[/quote]

I have fixed Issue. I had to change "' '" to " " and now works perfect can login now.

New way working

Code:
$this->db->query("
INSERT INTO
`" . $data['db_prefix'] . "user`
SET
user_id       = '1',
user_group_id = '1',
username      =  " . $this->db->escape($data['username']) .",  
salt          =  ". $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) .",
password      = ". $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . ",
`status`      = '1',
email         =  ". $this->db->escape($data['email']) . ",
date_added    = NOW()
");

Old way

Code:
$this->db->query("
    INSERT INTO
       `" . $data['db_prefix'] . "user`
    SET
         user_id       = '1',
         user_group_id = '1',
         username      = '" . $this->db->escape($data['username']) . "',  
         salt          = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "',
         password      = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "',

         `status`      = '1',

         email         = '" . $this->db->escape($data['email']) . "',
         date_added    = NOW()

");

}
#13

[eluser]rm_beginner[/eluser]
that what i saw in your previous post the backtick is differrent in quote but i want to make sure that's why i ask you to put in var $sql and die($sql) so that i can see it. ok at least u find ur bug :-)
#14

[eluser]jonez[/eluser]
Never seen an insert written that way, SET is usually used with updates. Inserts are typically written like this;

Code:
INSERT INTO mytable (columna, columnb) VALUES ('one', 'two');

I'd recommend using active record in this case since it will auto escape your data.

Code:
$this->db->insert( 'mytable', array( 'columna' => 'one', 'columnb' => 'two' ) );




Theme © iAndrew 2016 - Forum software by © MyBB