pudge1 Posted October 26, 2009 Share Posted October 26, 2009 $sql="INSERT INTO Users (userid, Username, Password, EMail, Account Type) VALUES (" . $count . "," . $username . "," . $password . "," . $_POST['email'] . "," . $at . ")"; $result = mysql_query($sql , $connection); The problem I am having with the script is that it is not inserting the data. I am 99.99% sure that is the fault of the way I wrote up the $sql= line. Does anyone see what I did wrong? EDIT: I forgot to mention. It IS connecting to the database just fine so that is NOT the problem. Quote Link to comment Share on other sites More sharing options...
gevensen Posted October 26, 2009 Share Posted October 26, 2009 $sql="INSERT INTO `Users` (userid, Username, Password, EMail, Account Type) VALUES ( '$userid', '$username', '$password', '$email', '$account_type' ); Quote Link to comment Share on other sites More sharing options...
pudge1 Posted October 27, 2009 Author Share Posted October 27, 2009 Thanks man, still doesn't work though Quote Link to comment Share on other sites More sharing options...
ldb358 Posted October 27, 2009 Share Posted October 27, 2009 add an or trigger_error(mysql_error(),E_USER_WARNING); to the mysql_query and post the error Quote Link to comment Share on other sites More sharing options...
xtopolis Posted October 27, 2009 Share Posted October 27, 2009 You can't have spaces in column names without denoting it as a name using backticks ( ` ). (The issue is with the "account type" column). $sql="INSERT INTO Users (userid, Username, Password, EMail, `Account Type`) VALUES (" . $count . "," . $username . "," . $password . "," . $_POST['email'] . "," . $at . ")"; $result = mysql_query($sql , $connection); Quote Link to comment Share on other sites More sharing options...
gevensen Posted October 27, 2009 Share Posted October 27, 2009 Thanks man, still doesn't work though you can add $result=mysql_query OR die(mysql_error()); to see what the issue is Quote Link to comment Share on other sites More sharing options...
pudge1 Posted October 27, 2009 Author Share Posted October 27, 2009 Warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@email.com,User)' at line 3 in That is the error I get. Thanks for whoever posted the new code, still broken though. I just don't see what is wrong I have looked it over a couple times and referred back to the manual. Quote Link to comment Share on other sites More sharing options...
DavidAM Posted October 27, 2009 Share Posted October 27, 2009 You have to have quotes in the SQL around the values: $sql="INSERT INTO Users (userid, Username, Password, EMail, `Account Type`) VALUES (" . $count . ",'" . $username . "','" . $password . "','" . $_POST['email'] . "','" . $at . "')"; $result = mysql_query($sql , $connection); I know it's hard to see them but I added them in there. echo $sql before executing it to see your query. Also, VERY IMPORTANT, do not send user input directly to the database without sanitizing it first!! Using $_POST['email'] in your query is not a good idea unless you have already done something to prevent SQL injections. At the very least use mysql_real_escape_string($_POST['email']);. Quote Link to comment Share on other sites More sharing options...
pudge1 Posted October 28, 2009 Author Share Posted October 28, 2009 Thanks man, for fixing the code and for the tip. I'll use both. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.