Jump to content

INSERT Query Error

jmoudy77

By jmoudy77
in MySQL Help

Recommended Posts

jmoudy77 Newbie

jmoudy77

Posted
Posted

Hi, I'm a little new to php, but I've been using SQL syntax with VB for a while.  I can't figure out why I'm getting this error:

 

Error adding submitted property: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Long, Date1, Time, Price, Footage, Beds, Baths) VALUES ('Laurie Moud' at line 2

 

Here's my SQL:

 

if(! get_magic_quotes_gpc() )
{
    $name=mysql_real_escape_string(addslashes ($_POST[name]));
    $street=mysql_real_escape_string(addslashes ($_POST[street]));
    $city=mysql_real_escape_string(addslashes ($_POST[city]));
    $state=mysql_real_escape_string(addslashes ($_POST[state]));
    $zip=mysql_real_escape_string(addslashes ($_POST[zip]));
    $date=mysql_real_escape_string(addslashes ($_POST[date]));
    $time=mysql_real_escape_string(addslashes ($_POST[time]));
    $price=mysql_real_escape_string(addslashes ($_POST[price]));
    $footage=mysql_real_escape_string(addslashes ($_POST[footage]));
    $beds=mysql_real_escape_string(addslashes ($_POST[beds]));
    $baths=mysql_real_escape_string(addslashes ($_POST[baths]));
    $address1=mysql_real_escape_string(addslashes ($_POST[address1]));
    $address2=mysql_real_escape_string(addslashes ($_POST[address2]));
    $cccity=mysql_real_escape_string(addslashes ($_POST[cccity]));
    $ccstate=mysql_real_escape_string(addslashes ($_POST[ccstate]));
    $cczip=mysql_real_escape_string(addslashes ($_POST[cczip]));
    $email=mysql_real_escape_string(addslashes ($_POST[email]));
    $phone=mysql_real_escape_string(addslashes ($_POST[phone]));
    $ccnumber=mysql_real_escape_string(addslashes ($_POST[ccnumber]));
    $ccname=mysql_real_escape_string(addslashes ($_POST[ccname]));
    $ccdate=mysql_real_escape_string(addslashes ($_POST[ccdate]));
    $cccode=mysql_real_escape_string(addslashes ($_POST[cccode]));
    $paytype=mysql_real_escape_string(addslashes ($_POST[paytype]));
}Else{
    $name=mysql_real_escape_string($_POST[name]);
    $street=mysql_real_escape_string($_POST[street]);
    $city=mysql_real_escape_string($_POST[city]);
    $state=mysql_real_escape_string($_POST[state]);
    $zip=mysql_real_escape_string($_POST[zip]);
    $date=mysql_real_escape_string($_POST[date]);
    $time=mysql_real_escape_string($_POST[time]);
    $price=mysql_real_escape_string($_POST[price]);
    $footage=mysql_real_escape_string($_POST[footage]);
    $beds=mysql_real_escape_string($_POST[beds]);
    $baths=mysql_real_escape_string($_POST[baths]);
    $address1=mysql_real_escape_string($_POST[address1]);
    $address2=mysql_real_escape_string($_POST[address2]);
    $cccity=mysql_real_escape_string($_POST[cccity]);
    $ccstate=mysql_real_escape_string($_POST[ccstate]);
    $cczip=mysql_real_escape_string($_POST[cczip]);
    $email=mysql_real_escape_string($_POST[email]);
    $phone=mysql_real_escape_string($_POST[phone]);
    $ccnumber=mysql_real_escape_string($_POST[ccnumber]);
    $ccname=mysql_real_escape_string($_POST[ccname]);
    $ccdate=mysql_real_escape_string($_POST[ccdate]);
    $cccode=mysql_real_escape_string($_POST[cccode]);
    $paytype=mysql_real_escape_string($_POST[paytype]);
}

  $sql1 = "INSERT INTO Listings (Username, Street, City,
            State, Zip, Lat, Long, Date1, Time, Price, Footage, Beds, Baths)
            VALUES ('$name', '$street', '$city', '$state', '$zip', '$lat',
            '$long', '$date', '$time', '$price', '$footage', '$beds', '$baths')";

  $sql2 = "INSERT INTO Users (My_Name, Username, Street, PO_Box, City,
            State, Zip, Email, Phone, Client_Type, Brokerage, Join_Date)
            VALUES ('$name', '$name', '$address1', '$address2', '$cccity',
            '$ccstate', '$cczip', '$email', '$phone', 'Single')";

   $sql3 = "INSERT INTO Billing (Username, Street, PO_Box, City,
            State, Zip, Credit_Card_#, Name_on_Card, Expiration, SID, Last_Payment,
            Payment_Type)
            VALUES ('$name', '$address1', $address2', '$cccity', '$ccstate',
                '$cczip', '$ccnumber', '$ccname', '$ccdate', '$cccode', CURDATE(),
                '$paytype')";
  
  		
  if ((mysql_query($sql1)) && (mysql_query($sql2)) && (mysql_query($sql3))) {
echo("Your property has been added.");
  } else {
    echo("Error adding submitted property: " .
         mysql_error() . "<br><br>" .
         "<a href='one_time.html' onClick='return myPopup(this, 'notes')'>
         Return to listing form.</a>");
  }

Link to comment
https://forums.phpfreaks.com/topic/170877-insert-query-error/
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

First, you don't need mysql_real_escape_string() AND addslashes()...just mysql_real_escape_string() should be fine...

 

As for the error, Long is a reserved word in MySQL:

http://dev.mysql.com/doc/refman/5.1/en/reserved-words.html

 

I would recommend changing the column name to something else...but if you can't, just put backticks around it:

$sql1 = "INSERT INTO Listings (Username, Street, City,
            State, Zip, Lat, `Long`, Date1, Time, Price, Footage, Beds, Baths)
            VALUES ('$name', '$street', '$city', '$state', '$zip', '$lat',
            '$long', '$date', '$time', '$price', '$footage', '$beds', '$baths')";

Link to comment
https://forums.phpfreaks.com/topic/170877-insert-query-error/#findComment-901244
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.