Akenatehm Posted February 7, 2009 Share Posted February 7, 2009 Hey Guys, I am getting this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES('The Admin Team at Server', '0', 'Thanks for Voting and Purchasing an I' at line 1 with the following code: <?php $host = "localhost"; $name = "username"; $pass = "pass"; $db = "db"; $con = mysql_connect($host,$name,$pass); if (!$con) { die('Failed to Connect:' . mysql_error()); } $selectdb = mysql_select_db($db); if (!$selectdb) { die('Failed to Select Database:' . mysql_error()); } $username = $_COOKIE['Username']; $item = $_POST['item']; $checkusername = mysql_query("SELECT * FROM points WHERE account = '$username' "); if(!$checkusername) { die('Failed to Check Your Username' . mysql_error()); } elseif(mysql_num_rows($checkusername) == 0) { echo "Your Username Does not Exist on the Database"; } else { $enoughpoints = mysql_query("SELECT requiredpoints FROM rewards WHERE name = '$item'"); if(!$enoughpoints) { die('Failed to Check Points of Item' . mysql_error()); } else { while ($results = mysql_fetch_array($enoughpoints, MYSQL_ASSOC)) { $cost = $results['requiredpoints']; } $userpoints = mysql_query("SELECT * FROM points WHERE account = '$username'"); $userpointsresults = mysql_fetch_array($userpoints, MYSQL_ASSOC); $userhaspoints = $userpointsresults['points']; if(!$userpoints) { die('Failed to Check Your Points' . mysql_error()); } else { if($cost > $userhaspoints) { echo "You do not have enough points"; } else{ $character = $_POST['charactername']; $amount = $cost; $deduct = mysql_query("UPDATE points SET points = points - " . $amount . " WHERE account = '" . $username . "' AND points >= '" . $amount . "';"); if (!$deduct) { die('Failed to Deduct Gold' . mysql_error()); } else{ $getguid = mysql_query("SELECT guid FROM characters WHERE name = '$character'"); if(!$getguid) { die('Could Not Find GUID of User' . mysql_error()); } else{ $sortguid = mysql_fetch_array($getguid, MYSQL_ASSOC); $userhaspoints = $sortguid['guid']; $getitemid = mysql_query("SELECT itemid FROM rewards WHERE name = '$item'"); if(!$getitemid) { die('Could Not Find ID of Item' . mysql_error()); } else{ $sortitemid = mysql_fetch_array($getitemid, MYSQL_ASSOC); $itemid = $sortitemid['itemid']; /*Email Form Starts Hereeeeeeeeeeeeeeeeeeeeeeeeeeeee ########################################################################################################################################################################################################################*/ echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'; echo '<html xmlns="http://www.w3.org/1999/xhtml">'; echo '<head>'; echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />'; echo '<title>Ingame Mail</title>'; echo '<link href="style.css" rel="stylesheet" type="text/css">'; echo '</head><body>'; echo '<table border="0" align="center">'; // connect to the db mysql_connect($host, $name, $pass) or die("Cannot connect: ".mysql_error()); mysql_select_db($db) or die("Cannot select database. ".mysql_error()); // get user inputs $sender_guid = "The Admin Team at Server"; $receiver_guid = $character; $subject = "Thanks for Voting and Purchasing an Item from Our Store! "; $body = "Here is the item you have purchased from the CorpseWoW Website Voting Rewards System"; $stationary = ''; $money = $_POST['money']; $item_id = "$itemid"; // $receiver_guid = mysql_real_escape_string(html_entity_decode(htmlentities($receiver_guid))); $subject = mysql_real_escape_string(html_entity_decode(htmlentities($subject))); $body = mysql_real_escape_string(html_entity_decode(htmlentities($body))); $stationary = mysql_real_escape_string(html_entity_decode(htmlentities($stationary))); $money = mysql_real_escape_string(html_entity_decode(htmlentities($money))); $item_id = mysql_real_escape_string(html_entity_decode(htmlentities($item_id))); $query = mysql_query("SELECT * from characters WHERE name = '".$receiver_guid."'"); while($result = mysql_fetch_array($query)) { $guid = $result['guid']; $query1 = "INSERT INTO mailbox_insert_queue(sender_guid, receiver_guid, subject, body, stationary, money, item_id,) VALUES('$sender_guid', '$guid', '$subject', '$body', '$stationary', '$money', '$item_id')"; $result = mysql_query($query1) or die(mysql_error()); echo "<tr><td align=center>"; echo "Mail Sent."; echo "</td></tr>"; } mysql_close(); } } } } } } } ?> Link to comment https://forums.phpfreaks.com/topic/144184-solved-error-in-sql-syntax/ Share on other sites More sharing options...
Philip Posted February 7, 2009 Share Posted February 7, 2009 Change: $query1 = "INSERT INTO mailbox_insert_queue(sender_guid, receiver_guid, subject, body, stationary, money, item_id,) VALUES('$sender_guid', '$guid', '$subject', '$body', '$stationary', '$money', '$item_id')"; to: $query1 = "INSERT INTO `mailbox_insert_queue` (`sender_guid`, `receiver_guid`, `subject`, `body`, `stationary`, `money`, `item_id`) VALUES ('$sender_guid', '$guid', '$subject', '$body', '$stationary', '$money', '$item_id')"; echo $query1; I think I took care of the error, but echoing it would show where the error is if it is still in there. Link to comment https://forums.phpfreaks.com/topic/144184-solved-error-in-sql-syntax/#findComment-756622 Share on other sites More sharing options...
Akenatehm Posted February 7, 2009 Author Share Posted February 7, 2009 Thanks. That fixed it. Much appreciated Link to comment https://forums.phpfreaks.com/topic/144184-solved-error-in-sql-syntax/#findComment-756629 Share on other sites More sharing options...
Philip Posted February 7, 2009 Share Posted February 7, 2009 Yup - reason was "item_id,)" - the extra comma Link to comment https://forums.phpfreaks.com/topic/144184-solved-error-in-sql-syntax/#findComment-756633 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.