[support] How can I get the error message from database
Metzler, David
metzlerd at evergreen.edu
Wed Jan 11 23:41:24 UTC 2012
It is quite likely in fact that the lack of placeholders in your query
is the reason you're query is failing. One ' in the data for any of
those is guaranteed to cause the insert to fail.
Depending on where you are getting the data for these fields you may be
opening yourself up to SQL injection attacts.
Dave
-----Original Message-----
From: support-bounces at drupal.org [mailto:support-bounces at drupal.org] On
Behalf Of Todd
Sent: Wednesday, January 11, 2012 1:40 PM
To: support at drupal.org
Subject: Re: [support] How can I get the error message from database
Also, you should consider using placeholders for the data that you're
inserting into {user_profile_fields}. :)
db_query("INSERT INTO {user_profile_fields} (uid, username [...]) VALUES
(%d, '%s')", $uid, $username);
Regards,
Todd
On 11 Jan 2012, at 16:13, robert mena wrote:
> For some reason one of my queries is not executing. I've used the
> db_error() but I only get 0. I'd like to know how can I get the
> error message.
>
> I am using drupal 6, MySQL.
>
> $success = db_query("INSERT INTO {user_profile_fields} (uid, username,
> id_center, telephone, street, city, distt, country, zip) VALUES
> ('$uid', '$username', '$idcenter', '$telephone', '$street', '$city',
> '$district', '$country', '$zip')");
> if(!$success) {
> // here I am using the $error = db_error();
> }
>
> Regards.
> --
> [ Drupal support list | http://lists.drupal.org/ ]
--
[ Drupal support list | http://lists.drupal.org/ ]
More information about the support
mailing list