[SOLVED] Apparent syntax error

[Mattio2187]

i am fairly new with php/mysql. I thought I was doing something pretty straight forward. just taking a chosen radio button value and entering into a single field of a table. Here is the error im getting:

 

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUE (three)' at line 1

 

 

 

 

And here is my php code, I can't find the syntax error:

 

 

<?php

 

 

$con = mysql_connect("localhost","mattsol1_user","user");

 

if (!$con)

  {

  die('Could not connect: ' . mysql_error());

  }

 

mysql_select_db("mattsol1_pollthree", $con);

 

$sql= "INSERT INTO vote (select) VALUES ('$_POST[select]')" ;

 

 

if (!mysql_query($sql,$con))

  {

  die('Error: ' . mysql_error());

  }

echo "Thank You";

 

mysql_close($con);

 

?>

 

 

 

 

 

code is live at mattsolano.com/zink/voting.html

 

 

 

any feedback would be appreciated

[Andy-H]

"select" is a mysql reserved word and needs to be  surrounded by backticks, or better yet, you could change the name of the field.

<?php


$con = mysql_connect("localhost","mattsol1_user","user");

if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("mattsol1_pollthree", $con);

$sql= "INSERT INTO vote (`select`) VALUES ('" . mysql_real_escape_string($_POST['select']) . "')" ;


if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "Thank You";

mysql_close($con);

?>

 

[Ken2k7]

$sql = sprintf("INSERT INTO vote (`select`) VALUES ('%s')", mysql_real_escape_string($_POST['select']));

 

You get PHP notices if you don't put quotes around select in $_POST['select'].

[Mattio2187]

Thanks, a ton. Like I said, I'm just starting out so i wouldn't have caught that. I'm not sure exactly what some of the other stuff you added is, but i'm going to trust that its better code than what I had.

 

Thanks again