Matthew Herren Posted September 26, 2009 Share Posted September 26, 2009 I keep getting this error "Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in auto/submit.php on line 10" heres a sample of my submit.php code <?php $dbhost = 'localhost'; $dbuser = 'username'; $dbpass = 'password'; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); sql 'INSERT INTO `dbase`.`table` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate` ) values ( " . $_POST['name'] . ", " . $_POST['last'] . ", " . $_POST['mi'] . ", " . $_POST['phone'] . ", " . $_POST['cp'] . ", " . $_POST['wp'] . ", " . $_POST['add'] . ", " . $_POST['add2'] . ", " . $_POST['city'] . ", " . $_POST['state'] . ", " . $_POST['zip'] . ", " . md5(md5($_POST['password'])) . ", " . $_POST['make'] . ", " . $_POST['model'] . ", " . $_POST['color'] . " " . $_POST['plate'] . " ); mysql_query($insert_query); ?> /code] Quote Link to comment Share on other sites More sharing options...
Alex Posted September 26, 2009 Share Posted September 26, 2009 Your query was all messed up, try this: $sql = "INSERT INTO `dbase`.`table` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) values ( " . $_POST['name'] . ", " . $_POST['last'] . ", " . $_POST['mi'] . ", " . $_POST['phone'] . ", " . $_POST['cp'] . ", " . $_POST['wp'] . ", " . $_POST['add'] . ", " . $_POST['add2'] . ", " . $_POST['city'] . ", " . $_POST['state'] . ", " . $_POST['zip'] . ", " . md5(md5($_POST['password'])) . ", " . $_POST['make'] . ", " . $_POST['model'] . ", " . $_POST['color'] . " " . $_POST['plate'] . " )"; You should also be securing all values being used in a mysql query with mysql_real_escape_string() Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 26, 2009 Author Share Posted September 26, 2009 You should also be securing all values being used in a mysql query with mysql_real_escape_string() Would i use that on every value like: mysql_real_escape_string(" . $_POST['name'] . ",) Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 more like: " . mysql_real_escape_string($_POST['name']) . ", Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 ok thanks got it but nothing is being posted to the data base <?php $connect=mysql_connect("localhost","dbuser", "password123"); $sql = "INSERT INTO `dbase`.`table` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) values ( " . mysql_real_escape_string($_POST['name']) . ", " . mysql_real_escape_string($_POST['last']) . ", " . mysql_real_escape_string($_POST['mi']) . ", " . mysql_real_escape_string($_POST['phone']) . ", " . mysql_real_escape_string($_POST['cp']) . ", " . mysql_real_escape_string($_POST['wp']) . ", " . mysql_real_escape_string($_POST['add']) . ", " . mysql_real_escape_string($_POST['add2']) . ", " . mysql_real_escape_string($_POST['city']) . ", " . mysql_real_escape_string($_POST['state']) . ", " . mysql_real_escape_string($_POST['zip']) . ", " . mysql_real_escape_string(md5(md5($_POST['password']))) . ", " . mysql_real_escape_string($_POST['make']) . ", " . mysql_real_escape_string($_POST['model']) . ", " . mysql_real_escape_string($_POST['color']) . " " . mysql_real_escape_string($_POST['plate']) . " )"; mysql_query($insert_query); ?> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2009 Share Posted September 27, 2009 change mysql_query($insert_query); to mysql_query($insert_query) or die(mysql_error()); and post errors Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 change mysql_query($insert_query); to mysql_query($insert_query) or die(mysql_error()); and post errors It would be better if he used: mysql_query($sql); Considering that $sql is the variable that holds the query, don't you think? Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 <?php $connect=mysql_connect("localhost","dbuser", "password123"); mysql_select_db("dbase",$connect) or die (mysql_errno().":<b> ".mysql_error()."</b>"); $sql = "INSERT INTO `table` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) values ( " . mysql_real_escape_string($_POST['name']) . ", " . mysql_real_escape_string($_POST['last']) . ", " . mysql_real_escape_string($_POST['mi']) . ", " . mysql_real_escape_string($_POST['phone']) . ", " . mysql_real_escape_string($_POST['cp']) . ", " . mysql_real_escape_string($_POST['wp']) . ", " . mysql_real_escape_string($_POST['add']) . ", " . mysql_real_escape_string($_POST['add2']) . ", " . mysql_real_escape_string($_POST['city']) . ", " . mysql_real_escape_string($_POST['state']) . ", " . mysql_real_escape_string($_POST['zip']) . ", " . mysql_real_escape_string(md5(md5($_POST['password']))) . ", " . mysql_real_escape_string($_POST['make']) . ", " . mysql_real_escape_string($_POST['model']) . ", " . mysql_real_escape_string($_POST['color']) . " " . mysql_real_escape_string($_POST['plate']) . " )"; mysql_query($insert_query); ?> ok hows that. but it still don't post since i added mysql_real_string() Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 Just change mysql_query($insert_query); to mysql_query($sql); Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 Still not posting Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2009 Share Posted September 27, 2009 It would be better if he used: mysql_query($sql); Considering that $sql is the variable that holds the query, don't you think? LOL.. nice catch, but better still mysql_query($sql) or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 Ok i'm still having problems connecting and posting. Now i'm getting this error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , , 74be16979710d4c4e7c' at line 6 here is my submit.php <?php $connect=mysql_connect("localhost","dbuser", "password123"); $sql = "INSERT INTO `dbase`.`dtable` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) values ( " . $_POST['name'] . ", " . $_POST['last'] . ", " . $_POST['mi'] . ", " . $_POST['phone'] . ", " . $_POST['cp'] . ", " . $_POST['wp'] . ", " . $_POST['add'] . ", " . $_POST['add2'] . ", " . $_POST['city'] . ", " . $_POST['state'] . ", " . $_POST['zip'] . ", " . md5(md5($_POST['password'])) . ", " . $_POST['make'] . ", " . $_POST['model'] . ", " . $_POST['color'] . " " . $_POST['plate'] . " )"; mysql_query($sql) or die(mysql_error()); ?>/code] Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 You're missing a , on this line: " . $_POST['color'] . " Should be: " . $_POST['color'] . ", Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 well i'm still getting an error on line 6 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , , 74be16979710d4c4e7c' at line 6 Quote Link to comment Share on other sites More sharing options...
redarrow Posted September 27, 2009 Share Posted September 27, 2009 Put the insert on one line, no spaces try...... Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 now i'm getting Parse error: syntax error, unexpected T_STRING on line 8 Quote Link to comment Share on other sites More sharing options...
redarrow Posted September 27, 2009 Share Posted September 27, 2009 post it? Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 try: $sql = "INSERT INTO `dbase`.`dtable` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) VALUES ( {$_POST['name']}, {$_POST['last']}, {$_POST['mi']}, {$_POST['phone']}, {$_POST['cp']}, {$_POST['wp']}, {$_POST['add']}, {$_POST['add2']}, {$_POST['city']}, {$_POST['state']}, {$_POST['zip']}, " . md5(md5($_POST['password'])) . ", {$_POST['make']}, {$_POST['model']}, {$_POST['color']}, {$_POST['plate']})"; Quote Link to comment Share on other sites More sharing options...
redarrow Posted September 27, 2009 Share Posted September 27, 2009 and mine try also (( it becouse you got the $_POST[''] in the insert DAM. <?php $connect=mysql_connect("localhost","dbuser", "password123"); $sql = "INSERT INTO `dbase`.`dtable` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) VALUES(" . $_POST['name'] . ", " . $_POST['last'] . "," . $_POST['mi'] . "," . $_POST['phone'] . "," . $_POST['cp'] . ", " . $_POST['wp'] . ", " . $_POST['add'] . ", " . $_POST['add2'] . ", " . $_POST['city'] . ", " . $_POST['state'] . ", " . $_POST['zip'] . "," . md5(md5($_POST['password'])) . "," . $_POST['make'] . ", " . $_POST['model'] . ", " . $_POST['color'] . "," . $_POST['plate'] . ")"; $res=mysql_query($sql) or die(mysql_error()); ?> Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 Well now i'm getting yours alexwd try: $sql = "INSERT INTO `dbase`.`dtable` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) VALUES ( {$_POST['name']}, {$_POST['last']}, {$_POST['mi']}, {$_POST['phone']}, {$_POST['cp']}, {$_POST['wp']}, {$_POST['add']}, {$_POST['add2']}, {$_POST['city']}, {$_POST['state']}, {$_POST['zip']}, " . md5(md5($_POST['password'])) . ", {$_POST['make']}, {$_POST['model']}, {$_POST['color']}, {$_POST['plate']})"; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , , 74be16979710d4c4e7c' at line 5 and for redarrows and mine try also (( it becouse you got the $_POST[''] in the insert DAM. <?php $connect=mysql_connect("localhost","dbuser", "password123"); $sql = "INSERT INTO `dbase`.`dtable` (`name`, `last`, `mi`, `add`, `add2`, `city`, `state`, `zip`, `hp`, `cp`, `work`, `email`, `make`, `model`, `color`, `plate`) VALUES(" . $_POST['name'] . ", " . $_POST['last'] . "," . $_POST['mi'] . "," . $_POST['phone'] . "," . $_POST['cp'] . ", " . $_POST['wp'] . ", " . $_POST['add'] . ", " . $_POST['add2'] . ", " . $_POST['city'] . ", " . $_POST['state'] . ", " . $_POST['zip'] . "," . md5(md5($_POST['password'])) . "," . $_POST['make'] . ", " . $_POST['model'] . ", " . $_POST['color'] . "," . $_POST['plate'] . ")"; $res=mysql_query($sql) or die(mysql_error()); ?> Parse error: syntax error, unexpected T_STRING on line 8 Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 echo $sql and post what it outputs. Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 <?php $connect=mysql_connect('localhost','dbuser', 'dbpassword'); mysql_query($sql) or die(mysql_error()); echo "$sql"; ?> Query was empty Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2009 Share Posted September 27, 2009 the $sql is wrong, in 2 ways 1. your post isn't posting all of the elements (ie name, last ect) 2. you have no quote for the strings this should work but your have incomplete data until you sync with the form <?php $connect=mysql_connect("localhost","dbuser","password123"); $sql="INSERT INTO`dbase`.`dtable`(`name`,`last`,`mi`,`add`,`add2`,`city`,`state`,`zip`,`hp`,`cp`,`work`,`email`,`make`,`model`,`color`,`plate`) VALUES ('{$_POST['name']}','{$_POST['last']}','{$_POST['mi']}','{$_POST['phone']}','{$_POST['cp']}','{$_POST['wp']}','{$_POST['add']}','{$_POST['add2']}','{$_POST['city']}','{$_POST['state']}','{$_POST['zip']}','".md5(md5($_POST['password']))."','{$_POST['make']}','{$_POST['model']},{$_POST['color']}','{$_POST['plate']}')"; $res=mysql_query($sql)or die(mysql_error()); ?> Quote Link to comment Share on other sites More sharing options...
Alex Posted September 27, 2009 Share Posted September 27, 2009 the $sql is wrong, in 2 ways 1. your post isn't posting all of the elements (ie name, last ect) 2. you have no quote for the strings this should work but your have incomplete data until you sync with the form <?php $connect=mysql_connect("localhost","dbuser","password123"); $sql="INSERT INTO`dbase`.`dtable`(`name`,`last`,`mi`,`add`,`add2`,`city`,`state`,`zip`,`hp`,`cp`,`work`,`email`,`make`,`model`,`color`,`plate`) VALUES ('{$_POST['name']}','{$_POST['last']}','{$_POST['mi']}','{$_POST['phone']}','{$_POST['cp']}','{$_POST['wp']}','{$_POST['add']}','{$_POST['add2']}','{$_POST['city']}','{$_POST['state']}','{$_POST['zip']}','".md5(md5($_POST['password']))."','{$_POST['make']}','{$_POST['model']},{$_POST['color']}','{$_POST['plate']}')"; $res=mysql_query($sql)or die(mysql_error()); ?> Wow, I feel like an idiot now. Quote Link to comment Share on other sites More sharing options...
Matthew Herren Posted September 27, 2009 Author Share Posted September 27, 2009 Parse error: syntax error, unexpected '(' in auto/submit.php on line 3 <?php $connect=mysql_connect("localhost","dbuser","dbpassword"); $sql="INSERT INTO`dbase`.`auto`(`name`,`last`,`mi`,`add`,`add2`,`city`,`state`,`zip`,`hp`,`cp`,`work`,`email`,`make`,`model`,`color`,`plate`) VALUES ('{$_POST['name']}','{$_POST['last']}','{$_POST['mi']}','{$_POST['phone']}','{$_POST['cp']}','{$_POST['wp']}','{$_POST['add']}','{$_POST['add2']}','{$_POST['city']}','{$_POST['state']}','{$_POST['zip']}','"($_POST['password']"','{$_POST['make']}','{$_POST['model']},{$_POST['color']}','{$_POST['plate']}')"; $res=mysql_query($sql)or die(mysql_error()); ?> i just copied and pasted your code, filled in the form, and got this error. Should there be more to my submit code? http://www.beccastowing.com/formdata/auto/form1.php thats the form i'm using. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.