I'm trying to generate a database query using fuelphp.
$query = DB::query("SELECT LCASE(:field) FROM :table WHERE :field = :val AND 'id' != :id");
$query->bind('field',$field);
$query->bind('table',$table);
$query->bind('val',$val);
$query->bind('id',$id);
$result = $query->execute();
My code returns this mysql query:
SELECT LCASE('short_code') FROM 'events' WHERE 'short_code' = 'uvt2015' AND 'id' != '0`
which gives me this error
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'events' WHERE 'short_code' = 'uvt2015' AND 'id' != '0'
When I replace the single quotes around the column names I get this query which gives me the results I want.
SELECT LCASE(`short_code`) FROM `events` WHERE `short_code` = 'uvt2015' AND `id` != '0'
Why is it that fuelphp generates queries with the wrong quotes? I suspect this might be an error related to the versions of my fuelphp/php/mysql.
You can not bind the table name as a parameter in prepared statement. It will be handled as a string and so there are single quotes arround this name.
you have to use :
$query = DB::query("SELECT LCASE($field) FROM `$table` WHERE $field = :val AND 'id' != :id");