sam06 Posted July 10, 2008 Share Posted July 10, 2008 There is something wrong with my code: <?php $username = $_POST['username']; $id = $_POST['id']; $fullname = $_POST['fullname']; $firstaddress = $_POST['firstaddress']; $secondaddress = $_POST['secondaddress']; $town = $_POST['town']; $county = $_POST['county']; $postcode = $_POST['postcode']; $email = $_POST['email']; if ( $id == "" ) { mysql_connect("************) or die(mysql_error()); mysql_select_db("s******************") or die(mysql_error()); mysql_query("INSERT INTO usertable (username, Full Name, 1st Address, 2nd Address, Town, County, Post Code, email) VALUES('$username', '$fullname', '$firstaddress', '$secondaddress', '$town', '$county', '$postcode', '$email') ") or die(mysql_error()); header( 'Location: thankslogin.html' ) ; } else { mysql_connect("***************") or die(mysql_error()); mysql_select_db("s*********") or die(mysql_error()); mysql_query("INSERT INTO usertable (username, referrer, Full Name, 1st Address, 2nd Address, Town, County, Post Code, email) VALUES('$username', '$id', '$fullname', '$firstaddress', '$secondaddress', '$town', '$county', '$postcode', '$email') ") or die(mysql_error()); header( 'Location: thankslogin.html' ) ; } ?> It must be the mysql query as it was working previous to changing it, it comes up with You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Name, 1st Address, 2nd Address, Town, County, Post Code, email) VALUES('testuser' at line 2 Quote Link to comment Share on other sites More sharing options...
dannyb785 Posted July 10, 2008 Share Posted July 10, 2008 You can't have spaces in your column name. Replace them with an underscore. You also need to do addslashes() in your $_POST variables bc if someone with the last name O'reilly submits their name, they'll get an error(not to mention those who want to hack the system). I also think I read somewhere that columns can't(or shoudlnt) start with a number. But that might not be a requirement. Also: it may not seem important now, but it will be of utter importance later if you have lots of users, you need to format the data types of your database correctly, allowing just enough space, but not too many. For example, you have the username/userpass as a text data type. A text takes up a good bit of space and should only be used for messages, posts, and possibly comments. But never something that will only, at most, have 20 characters. I suggest a varchar with a value of 20 or 25(and then use php code to enforce the character limit so the user knows). Same deal with email... I've never seen a (non spam) email address that has 100 characters. Image trying to tell someone your email address if it's that long! Also, your totalpoints is set to int(100). If I remember correctly, that's 100 bits. Meaning it will hold a value as high as 2^100. That is a huuuuuuuuuuuuuuuuuuuuuuuuuuuuge number. Unless your totalpoints adds up atoms in the universe, you'll never need a value that big reserved And on the other hand, you have Full Name being only 10 characters? Besides Al Gore, I don't know of many people whose full names are only 10 characters long. Make it something like 50 or so. Quote Link to comment Share on other sites More sharing options...
sam06 Posted July 10, 2008 Author Share Posted July 10, 2008 Thats great- thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.