cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

"Syntax error in INSERT INTO statement." comment posting error.

Guest
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

I had this working perfectly on MySQL. Then I was told I needed to do it with an mdb database in Access, now errors are popping up like crazy. I fixed all except this one, I get a 'Syntax error in INSERT INTO statement.' when I try to post a comment on a post in my mini-blog site.

The thing is, I use pretty much the exact same code for the comments that I do for the blog posts themselves. The posts work fine, the comments don't.

It says the error is on my addcomment_process page on like 119. It's the following (line 119 is underlined, the bolded line is also bolded in the error message):

<cfquery name="input_comments"

                    datasource="#DSN#"

                    username="#DSNUSER#"

                    password="#DSNPASS#">

 

INSERT INTO comments(

                         commenter,

                         comment,

                         datetime,

                         post_id

                    )

               VALUES(

                         '#form.commenter#',

                         '#form.comment#',

                         '#form.datetime#',

                         '#form.post_id#'

                   )

</cfquery>

It's getting all the data fine, just not inserting it, because it says:

"INSERT INTO comments( commenter, comment, datetime, post_id ) VALUES( 'Anonymous', 'test comment.', '25-Apr-12 10:55 PM', '2' )"

It worked perfectly when it was a MySQL database, now I keep getting errors with this one part of the site now that it's MDB. Anyone know what's going on?

Views

6.1K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Adam Cameron.
LEGEND , Apr 25, 2012 Apr 25, 2012

datetime is a reserved word in Access.

--

Adam

Votes

Translate

Translate
replies 13 Replies 13
latest latest Jump to latest reply
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

Presumably the post_id column is numeric? In which case, you shouldn't have quotes around it. Also, use queryparams.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Owainnorth

I removed the quotes, nothing changed. I'm fairly new to this, I thought queryparams were a MySQL thing? How would I use them in this situation with mdb?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Deleted User

In which case it'll be that Access has a different date format to MySQL, and you're trying to push the string "'25-Apr-12 10:55 PM" into Access, which it's not understanding. To get around this, you need to treat your variable as a true date/time object, rather than a formatted string.

CFQueryParams should be used on absolutely every database platform, they'll stop your website being vulnerable to SQL Injection attacks for one, which at the moment you're wide open to. Replace your query with something like this:

<cfquery name="input_comments" datasource="#DSN#" username="#DSNUSER#" password="#DSNPASS#">

      INSERT INTO comments(

                         commenter,

                         comment,

                         datetime,

                         post_id

                    )

               VALUES(

                         <cfqueryparam cfsqltype="cf_sql_varchar" value="#form.commenter#" />,

                         <cfqueryparam cfsqltype="cf_sql_varchar" value="#form.comment#" />,

                         now(),

                         <cfqueryparam cfsqltype="cf_sql_numeric" value="#form.post_id#" /> )

</cfquery>

The QueryParams will handle the data types for you, and should pass values around more safely and with fewer issues. Assuming you just want to store the current date and time you don't even need to get ColdFusion involved, as databases have their own functions for this. I believe Access' version is simply NOW(), so I've put that in your query.

Give the above a go.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adam Cameron.
LEGEND ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

datetime is a reserved word in Access.

--

Adam

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adam Cameron.
LEGEND ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Adam Cameron.

Oh, and why the heck are you downgrading from MySQL to Access??!

--

Adam

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Adam Cameron.

Oh, and why the heck are you downgrading from MySQL to Access??!

This is also a very good question.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Adam Cameron.

Eurgh, Adam knows about Access. I think so much less of you now.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adam Cameron.
LEGEND ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Owainnorth

Eurgh, Adam knows about Access. I think so much less of you now.

Adam knows about Google.

Adam knows an appropriate amount about Access.  IE: nothing.

--

Adam

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Adam Cameron.

Adam knows an appropriate amount about Access.  IE: nothing.

Incorrect - you know the one thing *everyone* should know about Access - it is the darkest spawn of the devil and deserves to be burned with fire.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dan_Bracuk
LEGEND ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

LATEST
In Response To Adam Cameron.

Regarding, "Adam knows an appropriate amount about Access. IE: nothing."

I know how to use Access.  For Abudubbah, if you have to do this again, there might be a better way.

If you have an odbc connection to the MySql database, you can create linked tables in your Access db.  Then you can do your insert query right in Access and bypass ColdFusion altogether.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

Thank you so much, I changed datetime to post_time and it worked. I'm downgrading because, from what I understand, the server this site is going on doesn't have the ability to use MySQL databases and it needs to be an Access database or something. At least, that's what I was told.

Thank you both.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

In Response To Deleted User

I'm downgrading because, from what I understand, the server this site is going on doesn't have the ability to use MySQL databases and it needs to be an Access database or something. At least, that's what I was told.

Joking aside, Access is not server software and should never be anywhere near a server; I'd question whoever made this decision as it's a bad one. MySQL is free and infinitely superior.

I'm glad you fixed your issue though, but please do use params every time you enter a variable into a query.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Apr 25, 2012 Apr 25, 2012

Copy link to clipboard

Copied

I agree with Owain. In addition to what he says, the datetime value should probably not have quotes either.

Update: Ignore. Despite this contributing nothing, my browser took too long to post it!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices