MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use

Last Reply 8 months ago By Mudassar

Posted 8 months ago

I am getting the error as:

Message = "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '=0) OR (inq1.event_id in())) AND  (('--Select--'='--Select--') OR (inq.inquiry_s' at line 1"

 queryStr = "SELECT distinct  inq.inquiry_id,inq.source,inq.contact_name,inq.contact_name2,inq.email,inq.email1,inq.email2,inq.email3,inq.email4,inq.email5,inq.website,inq.website1,inq.contact_number,inq.telphone,inq.fax, inq.mobile, inq.product, inq.designation, inq.designation2, inq.address,inq.reason,inq.interested_in,inq.company,cat.category,country.country_name,inq.date,inq.inquiry_status,log.name " + appquery2 + " FROM crm_inquiry_perticipant inq  " +
                   " INNER JOIN crm_login log ON inq.inquiry_owner=log.log_id " +
                   "INNER JOIN crm_category cat ON inq.cat_id=cat.cat_id INNER JOIN crm_countries country ON inq.country=country.country_id  " +
                    "INNER JOIN crm_inquiry_event_assigned inq1 on inq.inquiry_id=inq1.inquiry_id " +
                    "INNER JOIN crm_event event on inq1.event_id=event.event_id " +
                  " WHERE   " +
                  " (( " + owner + "=0) OR (inq.inquiry_owner=" + owner + ")) AND " +
                   "(( " + category + "=0) OR (inq.cat_id=" + category + ")) AND " +
                    " ((" + country + "=0) OR (inq.country=" + country + ")) AND " +
                     " ((" + agent + "=0) OR (inq.agent_id=" + agent + ")) AND  " +
                     " ((" + queryEventIDs + "=0) OR (inq1.event_id in(" + queryEventIDs + "))) AND  " +
                     //     "inq1.event_id in(" + queryEventIDs + ") AND " +
                     "(('" + status + "'='--Select--') OR (inq.inquiry_status='" + status + "')) AND " +
                      " (('" + StartDateString + "'='') OR (inq.date BETWEEN '" + StartDateString + "' AND '" + EndDateString + "'))  " +                     
                     appquery + prodquery + " Order By inq.inquiry_id desc  ";

I am trying to export the details from start date to end date.I am not getting the result but if i am commenting on below line, iam getting the details from start to end date.Whats wrong with the query.

 

 " ((" + queryEventIDs + "=0) OR (inq1.event_id in(" + queryEventIDs + "))) AND  " +

 

Posted 8 months ago

Add a breakpoint and copy the SQL and paste it in SQL Server and check it.

Since we don't have your database it is not possible for us to check.

to avoid such Syntax error you must use parameterized query.

Using Parameterized queries to prevent SQL Injection Attacks in SQL Server