You have an error in your SQL syntax

[Fredish]

I recently ran into a problem I've never seen before. I try to write a row into my table (ABCmeetings), but though the script is flawless it won't write the values to the database. So I added "or die(mysql_error());" to the line to see what was wrong and the outcome was this:

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's','vf','normal','2008-08-12 22:40:43','Fred Miller' )' at line 1

 

What the hell? I thought. I have no idea of how to fix this. Please help me!

[Jabop]

Apparently your script isn't flawless.

 

Show us the whole query.

[Fredish]

   mysql_query( "INSERT INTO ABCmeetings ( location, say, tone, date, name ) VALUES( '$bossloc','$say','$tone','$date','$boss' )" ) or die(mysql_error());

That's the query. I've checked the variables and they all check out. I am pretty sure there's nothing wrong with the code. I've connected to the database and everything, I'm sure I haven't misspelled my database name.

[DarkWater]

Date is a MySQL reserved keyword, so you can't have a column named after it.

[Fredish]

I have used date as a column name in the past and it worked just fine. Though I tried changing it to: "indate" but the outcome was the same.

[revraz]

Actually Date is fine.   I'm wondering if its the missing space after VALUES and before ( because it looks fine.

[revraz]

Does this work

 

mysql_query( "INSERT INTO ABCmeetings (location, say, tone, date, name) VALUES ('s','vf','normal','2008-08-12 22:40:43','Fred Miller')" ) or die(mysql_error());

 

[Fredish]

I tried adding the space so it looked like this:

 

   mysql_query( "INSERT INTO ABCmeetings ( location, say, tone, indate, name ) VALUES ( '$bossloc','$say','$tone','$date','$boss' )" ) or die(mysql_error());

 

But the outcome was still the same.

[Fredish]

Does this work

 

mysql_query( "INSERT INTO ABCmeetings (location, say, tone, date, name) VALUES ('s','vf','normal','2008-08-12 22:40:43','Fred Miller')" ) or die(mysql_error());

 

Yes it did! so maybe it's the variables... Here they are:

 

   $say = $_POST[ 'say' ];
   $gang = $_COOKIE[ 'gang' ];
   $tone = "normal";

   $locations = mysql_query("SELECT * FROM ABCgang WHERE gang='$gang' AND rank='Boss'");
   $location = mysql_fetch_array( $locations );
   $boss = $location['name'];
   $bossloc = $location['location'];

   $date = date('Y-m-d H:i:s');

[revraz]

echo $bossloc and see if there is a extra ' in there.

[Fredish]

echo $location and see if there is a extra ' in there.

 

Omg you are totally right! $location is "Jonesey's"! that's some fancy work there revraz! I didn't know you couldn't have ':s in databases. How can I fix that?

[revraz]

Need to escape them.

[Fredish]

Not familiar at all with that, but I did this:

 

   $bossloc = $location['location'];
   $bossloc = array_map( "mysql_real_escape_string", $bossloc );

 

And the values of $bossloc is nothing. Did I do something wrong? I'm sorry for being so darn newbie

[revraz]

When you store the value, you can use addslashes and when you retrieve it, you can use stripslashes.

[Fredish]

It worked like a charm! Thanks very much dude!