[SOLVED] MySQL Query Error

pudge1 · October 26, 2009

$sql="INSERT INTO Users (userid, Username, Password, EMail, Account Type)

VALUES

(" . $count . "," . $username . "," . $password . "," . $_POST['email'] . "," . $at . ")";

$result = mysql_query($sql , $connection);

The problem I am having with the script is that it is not inserting the data. I am 99.99% sure that is the fault of the way I wrote up the $sql= line. Does anyone see what I did wrong?

EDIT: I forgot to mention. It IS connecting to the database just fine so that is NOT the problem.

gevensen · October 26, 2009

$sql="INSERT INTO `Users` (userid, Username, Password, EMail, Account Type)

VALUES

( '$userid', '$username', '$password', '$email', '$account_type' );

pudge1 · October 27, 2009

Thanks man, still doesn't work though :-[

ldb358 · October 27, 2009

add an

or trigger_error(mysql_error(),E_USER_WARNING);

to the mysql_query and post the error

xtopolis · October 27, 2009

You can't have spaces in column names without denoting it as a name using backticks ( ` ). (The issue is with the "account type" column).

$sql="INSERT INTO Users (userid, Username, Password, EMail, `Account Type`)
VALUES
(" . $count . "," . $username . "," . $password . "," . $_POST['email'] . "," . $at . ")";
$result = mysql_query($sql , $connection);

gevensen · October 27, 2009

Thanks man, still doesn't work though

you can add $result=mysql_query OR die(mysql_error()); to see what the issue is

pudge1 · October 27, 2009

Warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@email.com,User)' at line 3 in

That is the error I get.

Thanks for whoever posted the new code, still broken though. I just don't see what is wrong I have looked it over a couple times and referred back to the manual.

DavidAM · October 27, 2009

You have to have quotes in the SQL around the values:

$sql="INSERT INTO Users (userid, Username, Password, EMail, `Account Type`)
VALUES
(" . $count . ",'" . $username . "','" . $password . "','" . $_POST['email'] . "','" . $at . "')";
$result = mysql_query($sql , $connection);

I know it's hard to see them but I added them in there. echo $sql before executing it to see your query.

Also, VERY IMPORTANT, do not send user input directly to the database without sanitizing it first!! Using $_POST['email'] in your query is not a good idea unless you have already done something to prevent SQL injections. At the very least use mysql_real_escape_string($_POST['email']);.

pudge1 · October 28, 2009

Thanks man, for fixing the code and for the tip. I'll use both.

Sign In

[SOLVED] MySQL Query Error

Recommended Posts

pudge1

Link to comment

Share on other sites

gevensen

Link to comment

Share on other sites

pudge1

Link to comment

Share on other sites

ldb358

Link to comment

Share on other sites

xtopolis

Link to comment

Share on other sites

gevensen

Link to comment

Share on other sites

pudge1

Link to comment

Share on other sites

DavidAM

Link to comment

Share on other sites

pudge1

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information