aznjay Posted September 15, 2008 Share Posted September 15, 2008 $msg = $_POST['message']; $date = $_POST['date']; $time = $_POST['time']; $head = $_POST['title']; $descri = $_POST['desp']; $whbase = $_POST['base']; $query = "INSERT INTO '$whbase' (title, time, date, desp, article) VALUES ('$head', '$time', '$date', '$descri', '$msg')"; mysql_query($query) or die('Error, insert query failed'); Is there something wrong with this? Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted September 15, 2008 Share Posted September 15, 2008 change 'Error, insert query failed' to mysql_error() I spot your error! do you? edit: I'll play nice, try removing the quotes around the table name. Also, your script is vulnerable to sql injection Quote Link to comment Share on other sites More sharing options...
Garethp Posted September 15, 2008 Share Posted September 15, 2008 Looks alright, is it giving you any trouble? Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 This is what i got 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' (title, time, date, desp, article) VALUES ('', '', '', '', '')' at line 1' I don't know how to fix it Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted September 15, 2008 Share Posted September 15, 2008 but backticks around your field names, because ones like date and time are mysql functions. INSERT INTO $whbase (`title`, `time`, `date`, `desp`, `article`) VALUES ('$head', '$time', '$date', '$descri', '$msg') Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 <? include 'database.php'; $msg = $_POST['message']; $date = $_POST['date']; $time = $_POST['time']; $head = $_POST['title']; $descri = $_POST['desp']; $whbase = $_POST['base']; $query = "INSERT INTO "'$whbase'" (title, time, date, desp, article) VALUES ('$head', '$time', '$date', '$descri', '$msg')"; mysql_query($query) or die(mysql_error()); ?> Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/jayjay/public_html/phpentrytut.php on line 10 That is what i got...can somebody fix this please..i'm a noob.. Quote Link to comment Share on other sites More sharing options...
Garethp Posted September 15, 2008 Share Posted September 15, 2008 I dunno if this will help, but use this instead mysql_query("INSERT INTO $whbase (title, time, date, desp, article) VALUES ('$head', '$time', '$date', '$descri', '$msg')") or die('Error, insert query failed'); Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 but backticks around your field names, because ones like date and time are mysql functions. INSERT INTO $whbase (`title`, `time`, `date`, `desp`, `article`) VALUES ('$head', '$time', '$date', '$descri', '$msg') THERE is no problem with that I can gaurantee you that..the one i'm having problem to is the $whbase Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted September 15, 2008 Share Posted September 15, 2008 but backticks around your field names, because ones like date and time are mysql functions. INSERT INTO $whbase (`title`, `time`, `date`, `desp`, `article`) VALUES ('$head', '$time', '$date', '$descri', '$msg') THERE is no problem with that I can gaurantee you that..the one i'm having problem to is the $whbase I guarantee you. do $query = "INSERT INTO $whbase (`title`, `time`, `date`, `desp`, `article`) VALUES ('$head', '$time', '$date', '$descri', '$msg')"; Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 I dunno if this will help, but use this instead mysql_query("INSERT INTO $whbase (title, time, date, desp, article) VALUES ('$head', '$time', '$date', '$descri', '$msg')") or die('Error, insert query failed'); I did do that Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 I still get that You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(title, time, date, desp, article) VALUES ('', '', '', '', '')' at line 1 Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted September 15, 2008 Share Posted September 15, 2008 From that error, I can see that you did not do $query = "INSERT INTO $whbase (`title`, `time`, `date`, `desp`, `article`) VALUES ('$head', '$time', '$date', '$descri', '$msg')"; let me explain, you must remove the quotes from the database because that's not good syntax. You must put backticks around the time and date fields because they are mysql functions (DATE() AND TIME()) and they confuse the parser. The other backticks are for consistency. Quote Link to comment Share on other sites More sharing options...
aznjay Posted September 15, 2008 Author Share Posted September 15, 2008 nvm figured it out...i jst seperated it into two pages thnx Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.