3raser Posted March 6, 2011 Share Posted March 6, 2011 $date = date('m-d-y'); $ip = $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO users VALUES ($username, $password, 0, $ip, $date)") or die(mysql_error()); Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '.60.116, 03-06-11)' at line 1 I'm not sure why I get this error. :/ Link to comment https://forums.phpfreaks.com/topic/229738-another-mysql-insert-problem-error-included-this-time/ Share on other sites More sharing options...
kenrbnsn Posted March 6, 2011 Share Posted March 6, 2011 All strings need to be quoted in MySQL queries: <?php $q = "INSERT INTO users VALUES ('$username', '$password', 0, '$ip', '$date')"; $rs = mysql_query($q) or die("Problem with the query: $q <br>" . mysql_error()); ?> Ken Link to comment https://forums.phpfreaks.com/topic/229738-another-mysql-insert-problem-error-included-this-time/#findComment-1183448 Share on other sites More sharing options...
3raser Posted March 6, 2011 Author Share Posted March 6, 2011 Thank you for that! And should I do a MD5 password like this: $password = mysql_real_escape_string(md5($_POST['password'])); Is escape even needed then? Link to comment https://forums.phpfreaks.com/topic/229738-another-mysql-insert-problem-error-included-this-time/#findComment-1183449 Share on other sites More sharing options...
Pikachu2000 Posted March 6, 2011 Share Posted March 6, 2011 There's no need to escape a string that will be hashed, so $password = md5($_POST['password']); is just fine. Link to comment https://forums.phpfreaks.com/topic/229738-another-mysql-insert-problem-error-included-this-time/#findComment-1183450 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.