0

I am facing a syntax issue with a CodeIgniter database query. Can't figure out what's wrong.

$query = $this->db->query("
   INSERT IGNORE INTO ".$table." (email, lang, ip_address) 
   VALUES (".$this->db->escape($_POST['email']).", ".$this->db->escape($lang).", ".$this->input->ip_address().")");

I am also looking for a way to output what the query looks like once the placeholders are replaced, as I am little confused with CodeIgniter debugging options.

Improve this question

4 Answers 4

Reset to default
2

It looks as though you are not escaping the strings that you're trying to input into the database. The query you've posted would evaluate to something like:

$query = $this->db->query("
    INSERT IGNORE INTO table_name (email, lang, ip_address) 
    VALUES ([email protected], en, 192.168.0.1)
");

This will throw an error as the strings in VALUES are not properly escaped. Instead of the query you're running you should use something like:

$query = $this->db->query("
    INSERT IGNORE INTO ".$table." (email, lang, ip_address) 
    VALUES ('".$this->db->escape($_POST['email'])."', '".$this->db->escape($lang)."', '".$this->input->ip_address()."')
");

Note the new ' characters around each string.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

use 

echo $this->db->last_query();

for retrieving the query runned.

so then check if the query is well formatted.

Improve this answer

Comments

0

To know what query you are passing to your database. Use below statement and to insert data into the database. Please follow the below procedure. 

  echo $this->db->last_query();

     $data = array(
           'email' =>  $this->db->escape($_POST['email']),
           'lang' = >  $this->db->escape($lang),
           'ip_address' => $this->input->ip_address(),
     );

 Call your model function $this->model->insert_function_name($data);

Your model function in your model file
public function insert_function_name($data)

  {
         $this->db->insert($table_name,$data);
    return $this->db->insert_id();
  }
Improve this answer

Comments

0

Try this : your query was missing single quotes to the string type of value like email, lang and ip

$query = $this->db->query("
   INSERT IGNORE INTO ".$table." (email, lang, ip_address) 
   VALUES ('".$this->db->escape($_POST['email'])."', '".$this->db->escape($lang)."', '".$this->input->ip_address()."')");
Improve this answer

1 Comment

good, if you consider this is the right answer please select it as a answer.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.