I get this error message, any help would be appreciated.
( ! ) Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1 in index.php on line 96
( ! ) PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1 in index.php on line 96
This is the code:
$centroId = $_SESSION['userId'];
$orderby= 'id DESC';
if (isset($_GET['orderby'])){
$orderby=filter_var($_GET['orderby'],FILTER_SANITIZE_STRING);
}
$where='';
$search='';
if (isset($_GET['cerca'])){
$search=filter_var($_GET['cerca'],FILTER_SANITIZE_STRING);
$where=' AND (cognome like "%'.$search.'%" OR nome like "%'.$search.'%" OR id='.$search.') ';
}
$perpage=3;
$sql='SELECT count(id) FROM utenti2 WHERE centroId=:centroId AND legge_privacy="SI" '.$where.'';
$result=$db->prepare($sql);
$result=$db->prepare($sql);
$result->bindParam(':centroId', $centroId, PDO::PARAM_INT);
$result->execute(); //line 96