Jump to content


Photo

SQL Error


  • Please log in to reply
4 replies to this topic

#1 xyn

xyn
  • Members
  • PipPipPip
  • Advanced Member
  • 779 posts
  • LocationNorthampton

Posted 03 July 2006 - 09:29 PM

Hey Guys!
Can someone tell me what's wrong with my SQL Code, I've checked the code and can't spot an error so it's probably my eyes.

MYSQL_ERROR();
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 16

mysql_query("INSERT INTO profile (user, age, fav_music, fav_band, fav_song, hat_music, hat_band, hat_song, fir_album, fir_single, fir_gig, interests, stats, rated, date, time) VALUES ('".strtolower($usrnam)."',
	'".$_POST[age]."',
	'".$_POST[fav_music]."',
	'".$_POST[fav_band]."',
	'".$_POST[fav_song]."',
	'".$_POST[hat_music]."',
	'".$_POST[hat_band]."',
	'".$_POST[hat_song]."',
	'".$_POST[fir_album]."',
	'".$_POST[fir_single]."',
	'".$_POST[fir_gig]."',
	'".$_POST[interests]."',
	'".$_POST[stats]."',
	'0',
	'$date',
	'$time'") or die(mysql_error());


#2 xyn

xyn
  • Members
  • PipPipPip
  • Advanced Member
  • 779 posts
  • LocationNorthampton

Posted 03 July 2006 - 09:41 PM

I've done it now Lol. mist the connection string...
and a spelling error

#3 JayBachatero

JayBachatero
  • Members
  • PipPipPip
  • Advanced Member
  • 296 posts
  • LocationQueens NY

Posted 03 July 2006 - 09:42 PM

Try this.

mysql_query("
	INSERT INTO profile
		(user, age, fav_music, fav_band, fav_song, hat_music, hat_band, hat_song,
		fir_album, fir_single, fir_gig, interests, stats, rated, date, time)
	VALUES (
		'" .strtolower($usrnam) ."', '$_POST[age]', '$_POST[fav_music]', '$_POST[fav_band]',
		'$_POST[fav_song]', '$_POST[hat_music]', '$_POST[hat_band]', '$_POST[hat_song]',
		'$_POST[fir_album]', '$_POST[fir_single]', '$_POST[fir_gig]', '$_POST[interests]', '$_POST[stats]', '0', '$date', '$time')"
) or die(mysql_error());

Also you should look into addslashes().
JayBachatero
SMF Developer && Converter Specialist

#4 effigy

effigy
  • Staff Alumni
  • Advanced Member
  • 3,600 posts
  • LocationIL

Posted 03 July 2006 - 09:49 PM

Also you should look into addslashes().


...or use MySQL's real_escape_string to prevent injection attacks.
Regexp | Unicode Article | Letter Database
/\A(e)?((1)?ff(?:(?:ig)?y)?|f(?:ig)?)\z/

#5 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 03 July 2006 - 09:50 PM

$query="INSERT INTO profile (user, age, fav_music, fav_band, fav_song, hat_music, hat_band, hat_song, fir_album, fir_single, fir_gig, interests, stats, rated, date, time) VALUES ('$usrnam','$age','$fav_music','$fav_band','$fav_song','$hat_music','$hat_band','$hat_song','$fir_album','$fir_single],'$fir_gig','$interests','$stats]','0','$date','$time'") or die(mysql_error())";
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users