CODEWITHSUNDEEP
phpmysqlobjective-ciospdo
Justin Erswell
Justin Erswell

Reputation: 708

iOS to PDO PHP & MySQL

I am sending JSOn to a PHP web service using POST

JSON:

{"mDel":"NULL","mType":"text","mUserId":4,"lLong":"(null)","mPrivacy":1,"lLat":"(null)","mDate":"2012-13-25 13:13:25","mHeight":"NULL","mDescription":"Test","mPhoneUniqueKey":"425062012131325","mMedia":"4_2_20121325011325.png","lName":"Apple Store, San Francisco"}

PHP:

$request = Slim::getInstance()->request();
$moment = json_decode($request->getBody());
$sql = "INSERT INTO mymo_moment (profile_id, description, media, locationName, lat, long, mDate, privacy, type, iPhoneUniqueID, deleted, height) 
        VALUES (:mUserId, :mDescription, :mMedia, :lName, :lLat, :lLong, :mDate, :mPrivacy, :mType, :mPhoneUniqueKey, :mDel, :mHeight)";
try {
    $db = getConnection();
    $stmt = $db->prepare($sql);
    $stmt->bindParam(":mUserId", $moment->mUserId);
    $stmt->bindParam(":mDescription", $moment->mDescription);
    $stmt->bindParam(":mMedia", $moment->mMedia);
    $stmt->bindParam(":lName", $moment->lName);
    $stmt->bindParam(":lLat", $moment->lLat);
    $stmt->bindParam(":lLong", $moment->lLong);
    $stmt->bindParam(":mDate", $moment->mDate);
    $stmt->bindParam(":mType", $moment->mType);
    $stmt->bindParam(":mPrivacy", $moment->mPrivacy);
    $stmt->bindParam(":mPhoneUniqueKey", $moment->mPhoneUniqueKey);
    $stmt->bindParam(":mDel", $moment->mDel);
    $stmt->bindParam(":mHeight", $moment->mHeight);
    $stmt->execute();

    echo($stmt);

    $moment->id = $db->lastInsertId();
    $db = null;
    echo json_encode($moment);
} catch(PDOException $e) {
    echo '{"error":{"text":'. $e->getMessage() .'}}';
}

And I am getting the following error, I have looked at this and I cannot figure out what I am doing wrong any help would be great!

Error:

{"error":{"text":SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'long, mDate, privacy, type, iPhoneUniqueID, deleted, height) 
            VALUES ('4',' at line 1}}

Upvotes: 0

Views: 269

Answers (1)

Crozin
Crozin

Reputation: 44396

long, type - those names could be treated as keywords depending on RDBMS you're using. Change column names or escape their names, i.e. in MSSQL type "long" instead of long, in MySQL type {grave-accent}long{grave-accent}*

Also you could use following syntax to prepare a statement and bind parameters:

$stmt = $db->prepare($sql);
$stmt->execute(array(
    ':mType'   => $moment->mType,
    ...
    ':mHeight' => $moment->mHeight
));

Upvotes: 1

Related Questions