xyn Posted July 16, 2006 Share Posted July 16, 2006 Hey guys,I've used the $_GET to delete an individual message, and Obviously in a members are if the user was to change the ?id=[color=red]1[/color] to [color=red]2,3 or 4[/color] it would also delete them, so i've decided to prevent this by making sure the id is in the members Inbox.My problem is I've decided to automatically send a CFA to my zone moderators + to tell them a member has deliberatly eddited the URL and needs to be warned. but I'm getting the following errors:[sup]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, msg, date, time, ip) VALUES ('Zroxx','xyn. is tr' at line 1[/sup]My code is:[code=php:0]include "db.php"; $ip = getenv('REMOTE_ADDR'); $bad_user = $_SESSION['user']['user']; $db = mysql_connect("localhost", $login, $pwd) or die(mysql_error()); mysql_select_db("zroxxco_members") or die(mysql_error()); $bansql = "INSERT INTO cfa (from, msg, date, time, ip) VALUES ('<font color=orange>Zroxx</font>','$bad_user. is trying to delete other peoples posts.','$date','$time','No Information')"; mysql_query($bansql, $db) or die(mysql_error());[/code] Link to comment https://forums.phpfreaks.com/topic/14778-sql-problem/ Share on other sites More sharing options...
AndyB Posted July 16, 2006 Share Posted July 16, 2006 FROM is a reserved word in MySQL. You should not use reserved words as fieldnames. Right solution is to change the from to something else (fromx for example); sloppy solution is to enclose reserved words in backticks .... `from` Link to comment https://forums.phpfreaks.com/topic/14778-sql-problem/#findComment-59027 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.