Trying to insert a lot of records from a MySQL database into SQL Server(2005 SQLExpress) database. Here’s the query and the error from PHP. I am not understanding it. All opening strings are closed properly but still..
INSERT INTO tbl_email (uniq_id, Respondent_ID, Bcode, BID, Email, Voornaam, Voorletters, Tussenvoegsel, Achternaam, Geslacht, Adres, Huisnummer, Toevoeging, Postcodecijfers, Postcodeletters, Woonplaats, Land, Telefoon1, Mobiel, Telefoon2, Matchkey, Profile, Geboortejaar, Geboortedatum, Leefsituatie, Gezinsgrootte, Inkomen, Beroep, Opleiding, Huis, Huisjaar, Huistype, Tuin, Auto, Beleggen, Kopenopafstand, Financien, Respondenttype, Charitype, Chari, Postcode, Huisdier, EV2, EV3, EV4, EV5, EV6, EV7, EV8, EV9, Aanmaakdatum, fk_ID_projectreactie, status_subscribed, unsubscribeddate, insertdatetime, editdatetime, to_delete) VALUES (6, "41", "288", "53", "test@hotmail.com", "a", "M", "", "0", "2", "0", "176", "", "5652", "EP", "a", "", "", "0", "0", "0", "", "0", "", "2", "2", "", "4", "4", "1", "2006", "", "", "", "1", "1", "", "3", "", "", "a", "1", "", "", "", "", "", "", "", "", "a", 0, 0, Null, Null, Null, 1)
Warning: mssql_query() [function.mssql-query]: message: Unclosed quotation mark after the character string ''. (severity 15) in crn_export_mssql.php on line 94
What could be the problem. I ran this query singly through SQL Server management console and it accepted and inserted. I even ran this query in another PHP file and data was inserted. However, when I do it in a PHP loop then this problem., The code snippet is,
while(//get rows from mysql)
{ //create query on runtime
$query = $strInsertDump . '('.implode(', ', $arrInsertField).')';
$result = mssql_query($query, $mslink);
}
Edit:
I used PDO now and here’s what the errorInfo returns.
Array
(
[0] => HY000
[1] => 20018
[2] => Incorrect syntax near ''. [20018] (severity 5) [(null)]
[3] => -1
[4] => 5
[5] => OpenClient
)
- Remove From My Forums
-
Вопрос
-
How do I overcome the following error message
Msg 102, Level 15, State 1, Line 4
Incorrect syntax near ‘ll’.
Msg 105, Level 15, State 1, Line 6
Unclosed quotation mark after the character string ».It occurs because the query is trying to store the following text which contains a quotation mark,how do i over come this
this is the query
SET @Query =
‘UPDATE MyTable
SET doses’+ CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@Clinic))+»’,
doses_date’+CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@appt))+»’,
dose’+CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@text))+»’
WHERE left(unitno,7) = »’+left(@patientid,7)+»»
—
EXECUTE (@Query)
print @Query
…..dose4=’SPOKEN TO John Smith, he’ll have a look on it.’-
Изменено
25 ноября 2013 г. 12:29
-
Изменено
Ответы
-
Try the below:
SET @Query = 'UPDATE MyTable SET doses'+ CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@Clinic,'''','''''')))+''', doses_date'+CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@appt,'''','''''')))+''', dose'+CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@text,'''','''''')))+''' WHERE left(unitno,7) = '''+left(@patientid,7)+'''' -- EXECUTE (@Query) print @Query
-
Помечено в качестве ответа
Sam233
25 ноября 2013 г. 13:40
-
Помечено в качестве ответа
- Remove From My Forums
-
Question
-
Hi,
I am getting the error «Unclosed quotation mark after the character string ‘)» with this code:
Code Snippet
cmd = New SqlCommand(«INSERT INTO PRODUCT VALUES (‘» & Me.TextBox1.Text & _
«‘,'» & Me.TextBox2.Text & «‘,'» & Me.TextBox3.Text & «‘,'» & Me.ComboBox.Text & _
«‘,'» & Me.TextBox4.Text & «‘»»)», conn)Do anyone know what’s going wrong around Me.TextBox4.Text. Thanks.
Answers
-
That’s because Micah’s Suggestions contains a single quote — to clean it up, replace single quotes with two single quotes…it’ll run fine if you do:
Code Snippet
cmd = New SqlCommand(«INSERT INTO PRODUCT VALUES (‘» & Replace(Me.TextBox1.Text, «‘», «»») & _
«‘,'» & Replace(Me.TextBox2.Text, «‘», «»») & «‘,'» & Replace(Me.TextBox3.Text, «‘», «»») & «‘,'» & Replace(Me.ComboBox.Text, «‘», «»») & _
«‘,'» & Replace(Me.TextBox4.Text, «‘», «»») & «‘)», conn)BTW — you’re better off using SQL Parameters when you are passing user input values into a statement. As it stands (before you apply the Replace edits I mentioned above), what do you think would happen if somebody entered the following into TextBox1:
Blah’, », », », »); DROP TABLE PRODUCT; —
You would get….
INSERT INTO PRODUCT VALUES(‘Blah’, », », », »); DROP TABLE PRODUCT; — (the rest of your command).
Syntax might be off by a bit (I’m not a hacker by trade!), but you get the idea. SQLParameters make sure that the data passed in is treated as such, not as executable code. Of course, the user you are accessing SQL Server with should never have access to DROP the PRODUCT table, but it’s good to cover your bases on all accounts.
You’re missing the end quote, this should get you there.
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ 'where UserLogin like ''r2rohit.kharade'''
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
I generally like to use CHAR(39) in place of multiple quotes, just to make code more readable
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ 'where UserLogin like ' + CHAR(39) + 'r2rohit.kharade' + CHAR(39)
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
Bonus thought, just as another, more readable version, you could also QUOTENAME
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ ' where UserLogin like ' + QUOTENAME('r2rohit.kharade', CHAR(39))
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
The following error “Unclosed quotation mark after the character string…” occurs when you miss a quotation mark.
When the single quote is used once, and to close statement SQL Server is expecting for another one single quote. In some reason, a user can forget to do it. For example:
BACKUP DATABASE Adventureworks TO DISK = 'diff.bak
In this case, SQL Server will send the following error message:
Msg 105, Level 15, State 1, Line 1 Unclosed quotation mark after the character string 'diff.bak'.
Also, assume that the statement has been copied from MS Word document or website to SSMS and the “Unclosed quotation mark after the character string…” error appears. This happened because a single quote in MS Word or website ( ‘ ) is different from the single quote in SSMS ( ‘ ).
To fix this error just put another one single quote in the beginning or in the end of the statement where it needed:
BACKUP DATABASE Adventureworks TO DISK = 'diff.bak'
Now i have string a = "Unclosed quotation mark after the character string '%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC'. Incorrect syntax near '%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC'." for filter
I’m using replace («‘»,»»»)
replace («%»,»[%]»)
replace («[«,»[[]»)
and I have as a result for string strSQL =
select * from studiologs
where [Message]
like '%Unclosed quotation mark after the character string ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC''. Incorrect syntax near ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC''.%'
but result always is null
please help me replace this string for filter
thanks all
asked Aug 6, 2010 at 8:58
I think you have missed one more quotation mark at end of query —
select * from studiologs where [Message] like '%Unclosed quotation mark after the character string ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC''%'
or remove that last quotation mark as well, if your string does not have ‘
select * from studiologs where [Message] like '%Unclosed quotation mark after the character string ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC%'
Depending on what you are searching exactly
answered Aug 6, 2010 at 9:06
Sachin ShanbhagSachin Shanbhag
53.7k11 gold badges88 silver badges103 bronze badges
2
Best thing I would do here is to transfer your SQL query into a procedure, that way the string you give it wont need filtering as the punctuation in the string will not affect the syntax of the query.
So something like this:
USE MYDATABASE
CREATE PROC GET_STUDIO_LOGS
@INPUT_STRING AS NVARCHAR(1024)
AS
BEGIN
SELECT * FROM STUDIOLOGS WHERE [Message] LIKE '%' + @INPUT_STRING + '%'
END
EXEC GET_STUDIO_LOGS 'Unclosed quotation mark after the character string ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC''. Incorrect syntax near ''%Bamboo.Widgets.RequestApproval.CollectTask ORDER BY Date DESC''.'
If you use a program to submit the SQL then you can submit the string parameter as it is without any change in punctuation. Doing it natively in SQL you just add another ' (quotemark) to each quotemark that is meant to be part of the string.
If you are trying to escape the % marks you can set an escape character first:
SET ESCAPE '';
SELECT '%abc' FROM Table
Try that out, tell me how it goes.
answered Aug 6, 2010 at 9:40
2
- Remove From My Forums
-
Question
-
Hi,
I am getting the error «Unclosed quotation mark after the character string ‘)» with this code:
Code Snippet
cmd = New SqlCommand(«INSERT INTO PRODUCT VALUES (‘» & Me.TextBox1.Text & _
«‘,’» & Me.TextBox2.Text & «‘,’» & Me.TextBox3.Text & «‘,’» & Me.ComboBox.Text & _
«‘,’» & Me.TextBox4.Text & «‘»»)», conn)Do anyone know what’s going wrong around Me.TextBox4.Text. Thanks.
Answers
-
That’s because Micah’s Suggestions contains a single quote — to clean it up, replace single quotes with two single quotes…it’ll run fine if you do:
Code Snippet
cmd = New SqlCommand(«INSERT INTO PRODUCT VALUES (‘» & Replace(Me.TextBox1.Text, «‘», «»») & _
«‘,’» & Replace(Me.TextBox2.Text, «‘», «»») & «‘,’» & Replace(Me.TextBox3.Text, «‘», «»») & «‘,’» & Replace(Me.ComboBox.Text, «‘», «»») & _
«‘,’» & Replace(Me.TextBox4.Text, «‘», «»») & «‘)», conn)BTW — you’re better off using SQL Parameters when you are passing user input values into a statement. As it stands (before you apply the Replace edits I mentioned above), what do you think would happen if somebody entered the following into TextBox1:
Blah’, », », », »); DROP TABLE PRODUCT; —
You would get….
INSERT INTO PRODUCT VALUES(‘Blah’, », », », »); DROP TABLE PRODUCT; — (the rest of your command).
Syntax might be off by a bit (I’m not a hacker by trade!), but you get the idea. SQLParameters make sure that the data passed in is treated as such, not as executable code. Of course, the user you are accessing SQL Server with should never have access to DROP the PRODUCT table, but it’s good to cover your bases on all accounts.
SQL Server 2017 Developer SQL Server 2017 Enterprise SQL Server 2017 Enterprise Core More…Less
Symptoms
Assume that you use Master Data Services (MDS) in SQL Server 2017. If you create too many business rules on a single entity, and then you try to add a new member to the entity, you receive an error message that resembles the following:
Correlation ID: GUID : Unclosed quotation mark after the character string string.
Resolution
This problem is fixed in the following update for SQL Server:
Cumulative Update 9 for SQL Server 2017
About SQL Server builds
Each new build for SQL Server contains all the hotfixes and security fixes that were in the previous build. We recommend that you install the latest build for your version of SQL Server:
The latest build for SQL Server 2017
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the «Applies to» section.
References
Learn about the standard terminology Microsoft uses to describe software updates.
Need more help?
- Remove From My Forums
-
Вопрос
-
How do I overcome the following error message
Msg 102, Level 15, State 1, Line 4
Incorrect syntax near ‘ll’.
Msg 105, Level 15, State 1, Line 6
Unclosed quotation mark after the character string ».It occurs because the query is trying to store the following text which contains a quotation mark,how do i over come this
this is the query
SET @Query =
‘UPDATE MyTable
SET doses’+ CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@Clinic))+»’,doses_date’+CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@appt))+»’,
dose’+CONVERT(VARCHAR,@Counter)+’=»’+ RTRIM(LTRIM(@text))+»’
WHERE left(unitno,7) = »’+left(@patientid,7)+»»
—
EXECUTE (@Query)
print @Query
…..dose4=’SPOKEN TO John Smith, he’ll have a look on it.’- Изменено
25 ноября 2013 г. 12:29
- Изменено
Ответы
-
Try the below:
SET @Query = 'UPDATE MyTable SET doses'+ CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@Clinic,'''','''''')))+''', doses_date'+CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@appt,'''','''''')))+''', dose'+CONVERT(VARCHAR,@Counter)+' = '''+ RTRIM(LTRIM(Replace(@text,'''','''''')))+''' WHERE left(unitno,7) = '''+left(@patientid,7)+'''' -- EXECUTE (@Query) print @Query
- Помечено в качестве ответа
Sam233
25 ноября 2013 г. 13:40
- Помечено в качестве ответа
The following error “Unclosed quotation mark after the character string…” occurs when you miss a quotation mark.
When the single quote is used once, and to close statement SQL Server is expecting for another one single quote. In some reason, a user can forget to do it. For example:
BACKUP DATABASE Adventureworks TO DISK = 'diff.bak
In this case, SQL Server will send the following error message:
Msg 105, Level 15, State 1, Line 1 Unclosed quotation mark after the character string 'diff.bak'.
Also, assume that the statement has been copied from MS Word document or website to SSMS and the “Unclosed quotation mark after the character string…” error appears. This happened because a single quote in MS Word or website ( ‘ ) is different from the single quote in SSMS ( ‘ ).
To fix this error just put another one single quote in the beginning or in the end of the statement where it needed:
BACKUP DATABASE Adventureworks TO DISK = 'diff.bak'
As per RyanDev’s suggestion I’m posting this solution …
BulletVictim[^] said
Quote:
try two ‘ around the @fin_year
(»+@fin_year+»))
I responded
Quote:
Your error is in @sql. Can you post the output from the PRINT @sql command. BulletVictim is correct — you appear to missing single quotes around the string value.
OP has subsequently claimed that adding group by solved the problem
SELECT @fin_year = COALESCE (@fin_year + ',[' + fin_year + ']', '[' + fin_year + ']') FROM after_audit_cc_trans group by fin_year
The reason this works could be determined by examining the contents of @fin_year as this is being inserted into the @sql string for use in an IN clause.
in ('+@fin_year+'))
so the expected format is IN(‘value1′,’value2’, ‘value3’) etc.
The «trick» here is (as the OP has done) to print the SQL that the execute command has been provided. It is usually far easier to see the problem when you can see the characters that the error reports … «Incorrect syntax near ‘2010-20′» in this instance.
You’re missing the end quote, this should get you there.
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ 'where UserLogin like ''r2rohit.kharade'''
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
I generally like to use CHAR(39) in place of multiple quotes, just to make code more readable
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ 'where UserLogin like ' + CHAR(39) + 'r2rohit.kharade' + CHAR(39)
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
Bonus thought, just as another, more readable version, you could also QUOTENAME
WHILE (@7DaysEarlierPartitionIntegerId <= @CurrentPartitionIntegerId)
BEGIN
Set @7DaysEarlierPartitionId
= CAST(@7DaysEarlierPartitionIntegerId AS char)
set @sqlCommand
= 'Select * from '
+ quotename(@RequestUsage_Partition + @7DaysEarlierPartitionId)
+ ' where UserLogin like ' + QUOTENAME('r2rohit.kharade', CHAR(39))
exec(@sqlCommand)
set @7DaysEarlierPartitionIntegerId
= @7DaysEarlierPartitionIntegerId + 1
END
Insert line breaks to the line containing the SQL command. This makes it easier to find the problem:
SqlDataAdapter sda = new SqlDataAdapter( " Insert Into [Data Entry] (Id,Name,Gender,Age,Salary,Tax) Values ('" + textBox1.Text + "','" + textBox2.Text + "','" + comboBox1 + "'," + textBox3.Text + "','" + textBox4.Text + "','" + textBox5.Text + "')" ,con);
Here it is:
comboBox1 + "'," +
It must be
comboBox1 + "','" +
(and you probably have to use a ComboBox method like SelectedItem).
[EDIT — see comment by Maciej Los]
While not related to the question it is important to know about SQL injection — Wikipedia[^].
To avoid these always use parametrised queries. See SqlParameterCollection.AddWithValue Method (String, Object) (System.Data.SqlClient)[^] for example code.
As a side effect you will have better readable queries that are not prone to the errors from your question.
[/EDIT]