A2xA Posted September 1, 2008 Share Posted September 1, 2008 I've made a script along with my forum register to add the same entries into a different database. In the first register file it has the variables and such that are in the handle_this function passed over to SiteRegister.php Where then the second SiteRegister.php file inserts into a database The first file (with variables): //Shit that won't work $memberID = registerMember($regOptions); require_once('/x/x/x/x/x/SiteRegister.php'); handle_this($regOptions, $memberID); Second file (SiteRegister.php): <?php function handle_this($regOptions, $memberID) { global $db_prefix; mysql_query("INSERT INTO users (userName, userUser, userPass, UserID, userEmail) VALUES (" . $regOptions['username'] . ", " . $regOptions['username'] . ", " . $regOptions['password'] . ", " . $memberID . " " . $regOptions['email'] . ")"); } ?> If someone could take a look at the code and tell me why it's not working I'd greatly appreciate it Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/ Share on other sites More sharing options...
blinky001 Posted September 1, 2008 Share Posted September 1, 2008 Might want to escape the slashes before inserting entries into a database like that. either use sprintf format for the query or use addslashes() on each of the variables in your query. Never trust user content!! Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631159 Share on other sites More sharing options...
A2xA Posted September 1, 2008 Author Share Posted September 1, 2008 My registration page is full of requirements and security.. this is just a function it goes through when they pass through everything else. Except it's not working. Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631167 Share on other sites More sharing options...
PFMaBiSmAd Posted September 1, 2008 Share Posted September 1, 2008 The only obvious problem is that string values must be enclosed in single-quotes. You should form your query in a variable (for several reasons) and then echo it to make sure it contains what you expect. Your mysql_query() also contains no error checking to get it tell you why it is failing. At a minimum, add or die(mysql_error()); Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631175 Share on other sites More sharing options...
A2xA Posted September 1, 2008 Author Share Posted September 1, 2008 Oh wow, I thought I had that on the end. Thanks, I'll come back after I get an error. Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631180 Share on other sites More sharing options...
A2xA Posted September 1, 2008 Author Share Posted September 1, 2008 I got this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[email protected])' at line 2 I'm getting somewhere now. The [email protected] is the e-mail I used in the registration. Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631181 Share on other sites More sharing options...
blinky001 Posted September 1, 2008 Share Posted September 1, 2008 You are missing quotes around the strings as previously mentioned by PFMaBiSmAd - I missed that before, sorry - so used to seeing " SET `x` = ?, `y` = ? "etc - didn't even cross my mind! Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631184 Share on other sites More sharing options...
A2xA Posted September 1, 2008 Author Share Posted September 1, 2008 Thanks. I'm not sure what you mean by that. Can you give me an example as to what I'm doing? Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631189 Share on other sites More sharing options...
blinky001 Posted September 1, 2008 Share Posted September 1, 2008 <?php mysql_query("INSERT INTO users (userName, userUser, userPass, UserID, userEmail) VALUES ('".$regOptions['username']."', '".$regOptions['username']."', '".$regOptions['password']."', '".$memberID."', '".$regOptions['email']."')"); ?> This still does not data sanitisation - make sure you check for the usual culprits like sql injection... Cheers, Paul Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631193 Share on other sites More sharing options...
A2xA Posted September 1, 2008 Author Share Posted September 1, 2008 tight it works. Thanks! Link to comment https://forums.phpfreaks.com/topic/122243-solved-my-sql-insert-script-isnt-inserting-no-errors/#findComment-631199 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.