Mysql giving error only when using query via variable

Asked

Viewed 47 times

2

I am trying to save information in my database with the following functions:

$sql = $request[0];
$query = $this->conn->prepare($sql);
$query->execute();

var_dump of $sql:

string(322) "INSERT INTO Fornecedor (razao_social, nome_fantasia, telefone, 
 email, tipo_fornecedor, logadouro, numero, bairro, cep, cidade, estado, 
 pais) VALUES ('teste', 'outra coisa', '345923942394', 
  '[email protected]', '0', 'rua aldm', '211', 'sdfsdfsdfsdf', '188-5852', 
  'marilia', 'sum paulo', 'brazil');"

However, when executing the code returns me the following error:

"You have an error in your SQL syntax; check the manual that Corresponds to your Mysql server version for the right syntax to use near '' at line 1"

And I have no idea what might be going on, because if I put the value of $sql inside the prepare function, like this:

$query = $this->conn->prepare("INSERT INTO Fornecedor (razao_social, 
 nome_fantasia, telefone, email, tipo_fornecedor, logadouro, numero, bairro, 
 cep, cidade, estado, pais) VALUES ('teste', 'outra coisa', '345923942394', 
 '[email protected]', '0', 'rua aldm', '211', 'sdfsdfsdfsdf', '188-5852', 
 'marilia', 'sum paulo', 'brazil');");

It saves information normally.

bin2hex return($sql): 494e5345525420494e544f20466f726e656365646f722028000072617a616f5f736f6369616c2c2000006e6f6d655f66616e74617369612c20000074656c65666f6e652c200000656d61696c2c2000007469706f5f666f726e656365646f722c2000006c6f6761646f75726f2c2000006e756d65726f2c20000062616972726f2c2000006365702c2000006369646164652c20000065737461646f2c20000070616973292056414c5545532028277465737465272c20276f7574726120636f697361272c2027333435393233393432333934272c20276d69676875656c406d69676875656c2e636f6d272c202730272c202772756120616c646d272c2027323131272c2027736466736466736466736466272c20273138382d35383532272c20276d6172696c6961272c202773756d207061756c6f272c20276272617a696c27293b

1 answer

3


I asked a Hexdump to understand the reason your original Dump indicates 322 characters in a string of about 300.

Precisely, in your Hexdump, I notice that it has several sequences of the character Nul (00), which is invalid in a query.

This is a problem in sending the information, or in some previous processing of the string, and not of the code found in the question.

Once sent and received, the results should return to normal. Resist the temptation to treat the value, as it will create other problems. Better fix the original error.

I marked with * the Nul, for easy viewing:

49 4e 53 45 52 54 20 49 4e 54 4f 20 46 6f 72 6e 65 63 65 64 6f 72 20 28*00*00 72 61
7a 61 6f 5f 73 6f 63 69 61 6c 2c 20*00*00 6e 6f 6d 65 5f 66 61 6e 74 61 73 69 61 2c
20*00*00 74 65 6c 65 66 6f 6e 65 2c 20*00*00 65 6d 61 69 6c 2c 20*00*00 74 69 70 6f
5f 66 6f 72 6e 65 63 65 64 6f 72 2c 20*00*00 6c 6f 67 61 64 6f 75 72 6f 2c 20*00*00
6e 75 6d 65 72 6f 2c 20*00*00 62 61 69 72 72 6f 2c 20*00*00 63 65 70 2c 20*00*00 63
69 64 61 64 65 2c 20*00*00 65 73 74 61 64 6f 2c 20*00*00 70 61 69 73 29 20 56 41 4c
55 45 53 20 28 27 74 65 73 74 65 27 2c 20 27 6f 75 74 72 61 20 63 6f 69 73 61 27 2c
20 27 33 34 35 39 32 33 39 34 32 33 39 34 27 2c 20 27 6d 69 67 68 75 65 6c 40 6d 69
67 68 75 65 6c 2e 63 6f 6d 27 2c 20 27 30 27 2c 20 27 72 75 61 20 61 6c 64 6d 27 2c
20 27 32 31 31 27 2c 20 27 73 64 66 73 64 66 73 64 66 73 64 66 27 2c 20 27 31 38 38
2d 35 38 35 32 27 2c 20 27 6d 61 72 69 6c 69 61 27 2c 20 27 73 75 6d 20 70 61 75 6c
6f 27 2c 20 27 62 72 61 7a 69 6c 27 29 3b

Browser other questions tagged

You are not signed in. Login or sign up in order to post.