I am trying to remove double quotes from saved strings: using DBeaver, but also tried command line:
UPDATE wp_postmeta
SET meta_value REPLACE(meta_value, '"', '')
where meta_key = 'cstnfo_spot_1_kvm_ID'
;
And the SQL-Error is:
SQL-Fehler [1064] [42000]: (conn=279) You have an error [...] near 'REPLACE(`meta_value`, '"', '')
I've tried REPLACE(meta_value, '"', '') and (meta_value, '\"', '') since I want to find the double quote " and remove it from the string.
As bschellekens pointed out in the comments, I just missed the '=', so it should be:
UPDATE wp_postmeta
SET meta_value = REPLACE(meta_value, '"', '')
where meta_key = 'cstnfo_spot_1_kvm_ID'
;
Related
I want to select columns from users and usermeta tables.
This is my query:
$sql = $wpdb->prepare(
"SELECT {$wpdb->users}.ID FROM {$wpdb->users}
WHERE {$wpdb->users}.user_registered <= '%s'
AND {$wpdb->usermeta}.meta_key='custom_status'
AND {$wpdb->usermeta}.meta_value=0
INNER JOIN {$wpdb->usermeta} ON {$wpdb->users}.ID= {$wpdb->usermeta}.user_id", $before);
, but it doesn't select nothing. I know that I have one user with this meta_value and user_registered less than the current date time ($before).
This is what $before is like: 2019-07-06 19:03:55
The problem is that you're wrapping the %s placeholder in single quotes. That's not needed because WordPress will replace all instances of %s with a proper string containing the value you passed to the prepare() method.
So, taking that into consideration, your code becomes:
$sql = $wpdb->prepare(
"SELECT {$wpdb->users}.ID FROM {$wpdb->users}
WHERE {$wpdb->users}.user_registered <= %s
AND {$wpdb->usermeta}.meta_key='custom_status'
AND {$wpdb->usermeta}.meta_value=0
INNER JOIN {$wpdb->usermeta} ON {$wpdb->users}.ID= {$wpdb->usermeta}.user_id", $before);
Additionally, the INNER JOIN ... part of your query has to be placed before your WHERE clause or else MySQL will throw an invalid syntax error:
$sql = $wpdb->prepare(
"SELECT {$wpdb->users}.ID FROM {$wpdb->users}
INNER JOIN {$wpdb->usermeta} ON {$wpdb->users}.ID= {$wpdb->usermeta}.user_id
WHERE {$wpdb->users}.user_registered <= %s
AND {$wpdb->usermeta}.meta_key='custom_status'
AND {$wpdb->usermeta}.meta_value=0", $before);
I want to read query string from URL and save them into a sqlite database
I face with these Error message:
PHP Warning: SQLite3::exec(): near ",": syntax error
But I don't the problems:
$Tel = $_REQUEST["from"];
$Content = $_REQUEST["text"];
echo $Tel = strip_tags($Tel);
echo $Content = strip_tags($Content);
$sql =<<<EOF
INSERT INTO foodordering(Fullname, Tel, RecievingTime, Content)
VALUES ("Ehsan", $Tel, date('now'), $Content);
EOF;
$ret = $db->exec($sql);
As mentioned by #HassanAhmed, this is what happens when inputs are not properly handled; you're seeing the same issue as if someone was using SQL injection against you. The quick fix is to wrap the fields in quotation marks:
VALUES ("Ehsan", "$Tel", date('now'), "$Content");
What you should be doing is binding the parameters:
$sql =<<<EOF
INSERT INTO foodordering(Fullname, Tel, RecievingTime, Content)
VALUES ("Ehsan", :tel, date('now'), :content);
EOF;
$stmt = $db->prepare($sql);
$stmt->bindValue(':tel', $_REQUEST['from']);
$stmt->bindValue(':content', $_REQUEST['text']);
$ret = $stmt->execute();
I am having trouble importing into sql lite.
I am exporting a table from Sql Server into a flat file encoded in UTF-8. And then trying to import the flat file into sqlite db. DB is UTF-8 encoded.
These lines are troublesome (tab delimited, line ends with CRLF):
ID w posid def
1234 bracket 40 "(" and ")" spec...
1234 bracket 40 Any of the characters "(", ")", "[", "]", "{", "}", and, in the area of computer languages, "<" and ">".
Error:
unescaped " character
I have tried replacing the quotes " with double quotes "", still doesn't work.
Import settings: tab separator
.separator " "
.import data.txt words
sqlite Table Schema:
CREATE TABLE words (ID integer NOT NULL, w TEXT NOT NULL, posid integer NOT NULL, def TEXT NOT NULL);
Update:
Somehow, adding a hash at the beginning of the def field in Sql Server worked:
update words set def = '#' + def
Not sure why that is. This worked, but it added an unwanted character in the field.
It turned out import can mess up when there are new line characters, or quotes, or commas.
One solution would be to replace these characters with some other character sequences, or character codes (e.g. char(1), char(2)...) , and make sure fields don't contain these sequences or codes, before you run the import. For example, replace quotes with --, then import, then replace -- with quotes again. I have another table with some text fields that have new line characters, and this solution seems to work.
before import:
update [table] set comment = REPLACE(comment, CHAR(13), '-*-')
update [table] set comment = REPLACE(comment, CHAR(10), '%-$-%')
update [table] set comment = REPLACE(comment, '"', '%-&-%')
after import:
update [table] set comment = REPLACE(comment, '-*-', CHAR(13))
update [table] set comment = REPLACE(comment, '%-$-%', CHAR(10))
update [table] set comment = REPLACE(comment, '%-&-%', '"')
To do that without changing the input data, use ascii mode and set the column separator to tab and the row separator to CRLF.
.mode ascii
.separator "\t" "\r\n"
See my answer to this other question for an explanation of why.
I'm using $wpdb to connect to a different database than my wordpress one like this:
$newdb = new wpdb(DB_NEW_USER, DB_NEW_PASSWORD, DB_NEW_NAME, DB_NEW_HOST);
I need to insert multiple rows into the database.
I used the code from this answer: Wordpress $wpdb. Insert Multiple Records.
To run the query, I use this line:
$newdb->query( $newdb->prepare("$query", $values));
When I do echo $query, this is the result: (there are more than 3 columns, but I shortened if for times sake)
INSERT INTO table (column1, column2, column3) VALUES ('%s', '%s', '%s')
When I var_dump($values), it returns an array with the same amout of strings as I have columns.
When I run the query, I get the following error:
WordPress database error: [Query was empty]
I tried selecting from the database in a similar fashion and it did work, so my connected to the db is working.
What am I doing wrong?
If anyone can help me I would really appreciate it.
Are you sure your query look like this?
$metakey = "Harriet's Adages";
$metavalue = "WordPress' database interface is like Sunday Morning: Easy.";
$wpdb->query( $wpdb->prepare(
"
INSERT INTO $wpdb->postmeta
( post_id, meta_key, meta_value )
VALUES ( %d, %s, %s )
",
array(
10,
$metakey,
$metavalue
)
) );
I am doing the following:
$type = 'attachment';
$images = $wpdb->get_results($wpdb->prepare('
SELECT p.*
FROM wp_%d_posts p
WHERE p.post_parent =%d
AND p.post_type = "%s"
', $blog_id, $page->ID, $type),OBJECT);
var_dump($images);
If I remove the line 'AND p.post_type = "%s"' then I get results returned, otherwise I get an empty array returned. If I run the query direct against the DB in a mysql client, I get results.
There is no error, just an empty result set. I am doing similar queries throughout my file and they are working so I'm not looking for "don't do it like that" style replies. I just need to understand why this isn't working and fix it.
PHP 5.3, MYSQL 5.1. WordPress MU 2.9.2
Do not Quote "%s". From the WordPress site, "Notice that you do not have to worry about quoting strings. Instead of passing the variables directly into the SQL query, use a %s placeholder for strings and a %d placedolder for integers."
Example:
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_title = %s WHERE ID = %d", $var, $id ) );