Mysql_Query Error

[jamesjmann]

Is there something wrong this? If so, I'm not seeing it...I keep getting this error:

( ! ) Parse error: syntax error, unexpected T_STRING in C:\Program Files\wamp\www\register.php on line 1059

 

Here's my code for registering a member:

 

<?php
mysql_query (INSERT INTO fans (id, username, email, password, country, region, gender, status, account, subscription, time_registered, date_registered, birthdate, name, website, age, activation_key) VALUES ('', '{$_SESSION["user"]["username"]}', '{$_SESSION["user"]["email"]}', '{$_SESSION["user"]["password"]}', '{$_SESSION["user"]["country"]}', '{$_SESSION["user"]["region"]}', '{$_SESSION["user"]["gender"]}', 'Offline', 'Inactive', 'Unsubscribed', '{$_SESSION["user"]["time"]}', '{$_SESSION["user"]["date"]}', '{$_SESSION["user"]["birthdate"]}', '{$_SESSION["user"]["name"]}', '{$_SESSION["user"]["website"]}', '{$_SESSION["user"]["age"]}', '{$_SESSION["user"]["activation_key"]}')) or die ("Could not register member");
?>

 

Help, please and thank you!

[Skewled]

Just looking over the query I see id and for the value it's '' If the row ID in your table is auto increment you don't need to worry about placing it in your query it will get a value automatically.

 

It's also yelling at you for your $_SESSION["thisvalue"] for your values.

 

I believe they should look like this:

 

'.$_SESSION['thisvalue'].'

 

EDIT:

 

Forgot to mention, why are you using session variables to place the intial registration into the database? You should be using a html form, escaping the inputs, and then sending the cleaned up variables to the database for storage.

[jamesjmann]

Just looking over the query I see id and for the value it's '' If the row ID in your table is auto increment you don't need to worry about placing it in your query it will get a value automatically.

 

It's also yelling at you for your $_SESSION["thisvalue"] for your values.

 

I believe they should look like this:

 

'.$_SESSION['thisvalue'].'

 

EDIT:

 

Forgot to mention, why are you using session variables to place the intial registration into the database? You should be using a html form, escaping the inputs, and then sending the cleaned up variables to the database for storage.

 

Thanks, for the tip, but I did do that. The input comes from an html form, and gets stored in the $_POST array, and then I format those post values using a variety of functions (Like mysql_real_escape_string for instance) and assign them to session variables so I can span the registration form over multiple pages. I also like to allow the user to review their information before submitting, so that's another reason. And once they hit the submit button, the information gets inserted into the database, and I just dump my $_SESSION array, so as to "unclutter" what's going on, essentially.

[jamesjmann]

I just tried what you suggested and cut the code down to just insert one value into one field in the table, and I got the same error.

 

Here's the revised code:

<?php

	mysql_query (INSERT INTO fans (username) VALUES ('.$_SESSION["user"]["username"].'));

?>

 

I tried put single quotes in the ["user"]["username"] part of the $_SESSION variable, but I get that error message either way.

 

What in the heck is going on? I've done queries like this in the past before, so I'm like...really confused...

 

[Pikachu2000]

The query string isn't quoted. It needs to be.

[Pikachu2000]

It really should be assigned to a variable, then the variable used in the query execution. It makes debugging much easier.

[jamesjmann]

The query string isn't quoted. It needs to be.

 

Okay, well I just rewrote the code like this:

	
<?php

$querry = "INSERT INTO fans (username) VALUES ('hello')";

mysql_query ($querry);

?>

 

And this inserts "hello" in the field "username". So, I'm guessing the problem lies in all those session variables. I've tried nearly ever variation I can think of, but it just doesn't work. Do you know how to send those session variables to the query the CORRECT way?

[Skewled]

I was trying to correct that for you but it didn't fix your problem.

 

  '".$_SESSION['name']."'  

 

That's how you quote them sorry was off last time. Give that a shot or throw each session value into variables to work with.

[Pikachu2000]

Have you print_r()'d the $_SESSION array to see if it actually contains the values you think it does?

[jamesjmann]

Have you print_r()'d the $_SESSION array to see if it actually contains the values you think it does?

 

Yep, I print_r'ed both the $_POST and $_SESSION arrays and everything looks okay.

 

I figured out how to do it properly (after a LOT of messing around)...

<?php

$query = "INSERT INTO fans (name, username, email, password, country, region, gender, status, account, subscription, time_registered, date_registered, birthdate, website, age, activation_key) VALUES ('{$_SESSION['user']['name']}', '{$_SESSION['user']['username']}', '{$_SESSION['user']['email']}', '{$_SESSION['user']['password']}', '{$_SESSION['user']['country']}', '{$_SESSION['user']['region']}', '{$_SESSION['user']['gender']}', 'Offline', 'Inactive', 'Unsubscribed', '{$_SESSION['user']['time']}', '{$_SESSION['user']['date']}', '{$_SESSION['user']['birthdate']}', '{$_SESSION['user']['website']}', '{$_SESSION['user']['age']}', '{$_SESSION['user']['activation_key']}')";

?>

 

This works perfectly. Thanks for all the help and suggestions guys!

[Skewled]

Excellent glad your up and running.