I am trying to create mySQL tables that include php variables for names.
$papername=$_POST['txtpname']; $papertype=$_POST['txtptype']; $searchForValue = ','; if (strpos($papertype, $searchForValue) !== false) { $str_arr = explode (",", $papertype); foreach ($str_arr as $value) { $value = trim($value); $value = preg_replace('/s+/', '_', $value); $value = $papername.'_'.$value; $create=$pdo->prepare("CREATE TABLE ".$value." (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, product_type VARCHAR(30) NOT NULL, gsm VARCHAR(500) NOT NULL) ;"); $create->execute(); } }
But when I combine two variables with an underscore (line: $value = $papername.’_’.$value;) and give that as the table name, I get an SQL syntax error.
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '(id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, product_type VAR...' at line 1 in C:xampphtdocsdesignshopposaddpapertype.php:36 Stack trace: #0 C:xampphtdocsdesignshopposaddpapertype.php(36): PDOStatement->execute() #1 {main} thrown in C:xampphtdocsdesignshopposaddpapertype.php on line 36
However, when I remove line: $value = $papername.’_’.$value;, the query runs fine. Can someone help me with this?
Advertisement
Answer
I think you’re just missing the quotes. It should be escaped using ticks.
$create=$pdo->prepare("CREATE TABLE `".$value."` (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, product_type VARCHAR(30) NOT NULL, gsm VARCHAR(500) NOT NULL) ;");