1

I tried doing this after going through many forums,

$date=date('Y-m-d H:i:s');

$query = "INSERT INTO temp_order(user_id ,item_id ,name ,price ,quantity, date) VALUES ({$_GET['cust_id']},{$_GET['item']},'{$content['name']}',{$content['price']},{$_GET['quan']},{$date})";

But still getting this error " You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '09:23:12)' at line 1".

I don't know what that means. Here date column inside database has type of 'datetime'.

Improve this question
7
  • 2
    Do not insert variables directly into the query string. Use something like Zend_Db to ->quote() the variables first, or use its ->insert() method. Commented Jun 30, 2013 at 9:26
  • @Pekka i tried using $dates, but still getting the same error Commented Jun 30, 2013 at 9:27
  • 2
    Your actual problem is that you're missing the quotes around '{$date}', but you'd be much better off using mysqli or pdo with parameterized queries instead. Commented Jun 30, 2013 at 9:28
  • 1
    @Pekka웃: nah, see the manual: "MySQL permits some keywords to be used as unquoted identifiers because many people previously used them. Examples are those in the following list: ... DATE..". Commented Jun 30, 2013 at 9:29
  • 1
    @Wrikken ah, nice! Didn't know that. Commented Jun 30, 2013 at 9:32

2 Answers 2

Reset to default
2

You're missing quotes around the date. It should be:

$query = "INSERT INTO temp_order(user_id ,item_id ,name ,price ,quantity, date)
          VALUES ({$_GET['cust_id']},{$_GET['item']},'{$content['name']}',
                  {$content['price']},{$_GET['quan']},'{$date}')";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

It looks as though your date value is unquoted and it (the sql) looks thus to the database

..., 09:23:12)

which won't work. Try a) inspecting the actual value before using it, making sure it is quoted (if you have to use a string) and/or b) use one of the mysql built-in conversion functions so that you are passing a date object and not some kind of string.

e.g STR_TO_DATE documented here

Improve this answer

3 Comments

But when i echo out $date, it is giving this 2013-06-30 09:30:19, which i think is suitable for datetime field.
Since MySQL automatically converts strings using the same method as STR_TO_DATE, why is that necessary?
@Barmar: because it's bad practice to mix data types. Always assign a date object to a date field etc. And you want to know asap if your supposed value is valid or not, before you send stuff over the wire.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.