yogibear Posted August 9, 2008 Share Posted August 9, 2008 Hi This isn’t my first attempt at php but I haven’t used it for a while and am a little confused. I have been asked if I can create a site that records flight details that users enter. I am on the date, one thing I remember having problem with in the past. This is the code I have: $day = $_POST['day']; $month = $_POST['month']; $year = $_POST['year']; $new_date=$year."-".$month."-".$day; echo "$new_date <br>"; $sql="INSERT INTO Record(Date_of_flight, Pilot_name, Take_off_airfield, Arrival_field, Start_time, Take_off_time, Landing_time, Shut_down_time, Charge_time_of_flight, Number_of_landing, Number_of_tags, Deductible_charges, Payment_method, Comments) VALUES ($new_date,'$_POST[Pilot_name]','$_POST[Take_off_airfield]','$_POST[Arrival_field]','$_POST[start_time]','$_POST[Take_off_time]','$_POST[Landing_time]','$_POST[shut_down_time]','$_POST[Charge_time_of_flight]','$_POST[Number_of_landing]','$_POST[Number_of_tags]','$_POST[Deductible_charges]','$_POST[Payment_method]','$_POST[Comments]')"; This is the error I get: Error: Unknown column 'Jan' in 'field list' I also get $new_date displayed above, so that is working correctly. Any help would be great Thanks yogi Link to comment https://forums.phpfreaks.com/topic/118951-little-help/ Share on other sites More sharing options...
CaptainChainsaw Posted August 9, 2008 Share Posted August 9, 2008 try putting quotes round $new_date. CC Link to comment https://forums.phpfreaks.com/topic/118951-little-help/#findComment-612509 Share on other sites More sharing options...
Fadion Posted August 10, 2008 Share Posted August 10, 2008 Appart from quotes in $new_date, u should have also quotes in $_POST['somevar'] when u insert them into the db. Without adding that u should clean input. A good way should be: <?php $new_date = mysql_real_escape_string($_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day']); $somefield = mysql_real_escape_string($_POST['somefield']); $resultsInsert = @mysql_query("INSERT INTO table (date, somefield) VALUES ('$date', '$somefield')") or die(mysql_error()); ?> Even if u may have the data input from selects, they can be edited too so its a good practice to clean every input. Hope this helps. Link to comment https://forums.phpfreaks.com/topic/118951-little-help/#findComment-612638 Share on other sites More sharing options...
yogibear Posted August 11, 2008 Author Share Posted August 11, 2008 It works! Thank you, I really appreciate it. It's nice to know that there is a community that are willing to help. Best wishes, thanks again yogi Link to comment https://forums.phpfreaks.com/topic/118951-little-help/#findComment-613236 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.