0

i have this query

public function getGameHomes_limit($page,$limit){
    $query = sprintf('SELECT %1$sserver_homes.*,%1$sremote_servers.*, %1$sconfig_homes.*
        FROM `%1$sserver_homes` NATURAL JOIN `%1$sconfig_homes` NATURAL JOIN `%1$sremote_servers`; ',
        $this->table_prefix);
    return $this->listQuery($query);
}

and i need to set LIMIT

public function getGameHomes_limit($page,$limit){
    $query = sprintf('SELECT %1$sserver_homes.*,%1$sremote_servers.*, %1$sconfig_homes.*
        FROM `%1$sserver_homes` LIMIT '.$page.','.$limit.' NATURAL JOIN `%1$sconfig_homes` NATURAL JOIN `%1$sremote_servers`; ',
        $this->table_prefix);
    return $this->listQuery($query);
}

but i have this error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NATURAL JOIN ogp_config_homes NATURAL JOIN ogp_remote_servers' at line 2

Improve this question
4
  • 1
    The limit should come after all your joins. Commented Mar 14, 2017 at 21:17
  • bobby-tables.com Don't build SQL queries by string concatenation or variable substitution. Your code is wide open to SQL injection attacks. Commented Mar 14, 2017 at 21:24
  • please can you explain in example how can i protect my code from injection ? Commented Mar 14, 2017 at 21:28
  • Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it? Commented Mar 14, 2017 at 21:33

1 Answer 1

Reset to default
2

Change the order of your query and make LIMIT the last bit like so:

public function getGameHomes_limit($page,$limit){
    $query = sprintf('SELECT %1$sserver_homes.*,%1$sremote_servers.*, %1$sconfig_homes.*
        FROM `%1$sserver_homes` NATURAL JOIN `%1$sconfig_homes` NATURAL JOIN `%1$sremote_servers` LIMIT '.$page.','.$limit.'; ',
        $this->table_prefix);
    return $this->listQuery($query);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Great, consider marking it as an answer so the rest don't spend time giving more answers.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.