Vultima Posted April 22, 2011 Share Posted April 22, 2011 Hi I am in process of doing a PHP script, my other one works fine, I put them both in below, however i get this error [code]Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (Firstname, surname, telephone, email, title, description) VALUES ('Stef' at line 1 The code I am using for this section is <?php $con = mysql_connect("localhost","root","rhysrhys"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hagidolls", $con); $sql="INSERT INTO order (Firstname, surname, telephone, email, title, description) VALUES ('$_POST[name]','$_POST[lname]','$_POST[tele]','$_POST[mail]','$_POST[title]','$_POST[descriptions]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Order Has been Submitted, Being Redirected in 5 Seconds"; mysql_close($con); ?> [/code] The database tables I am using are idorder, Firstname, surname, telephone, email, title, description Quote Link to comment Share on other sites More sharing options...
Vultima Posted April 22, 2011 Author Share Posted April 22, 2011 WOW I posted that terribly, heres what I meant.. Hi I am in process of doing a PHP script, my other one works fine, I put them both in below, however i get this error. Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order (Firstname, surname, telephone, email, title, description) VALUES ('Stef' at line 1 The code I am using for this section is <?php $con = mysql_connect("localhost","root","rhysrhys"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hagidolls", $con); $sql="INSERT INTO order (Firstname, surname, telephone, email, title, description) VALUES ('$_POST[name]','$_POST[lname]','$_POST[tele]','$_POST[mail]','$_POST[title]','$_POST[descriptions]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Order Has been Submitted, Being Redirected in 5 Seconds"; mysql_close($con); ?> The database tables I am using are idorder, Firstname, surname, telephone, email, title, description Quote Link to comment Share on other sites More sharing options...
EmperorJazzy Posted April 22, 2011 Share Posted April 22, 2011 Hey Vultima, Try adding the following echo line to your code; it may help determine if the query string is a problem. $sql="INSERT INTO order (Firstname, surname, telephone, email, title, description) VALUES ('$_POST[name]','$_POST[lname]','$_POST[tele]','$_POST[mail]','$_POST[title]','$_POST[descriptions]')"; echo $sql; I would comment out the execution and Die for the moment. //if (!mysql_query($sql,$con)) // { //die('Error: ' . mysql_error()); //} //echo "Order Has been Submitted, Being Redirected in 5 Seconds"; Post your result. Quote Link to comment Share on other sites More sharing options...
Vultima Posted April 22, 2011 Author Share Posted April 22, 2011 (edited) Hi I did as you said and got the result of INSERT INTO order (Firstname, surname, telephone, email, title, description) VALUES ([redacted]) Edited June 27, 2018 by requinix Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 22, 2011 Share Posted April 22, 2011 `order` is a MySQL reserved word. Either rename the field, or enclose `order` in `backticks` (not 'single quotes') whereever it is used in a query string. Quote Link to comment Share on other sites More sharing options...
Vultima Posted April 22, 2011 Author Share Posted April 22, 2011 (edited) Hi that didn't seem to work, first i changed the name to orders, didn't work, then i added the ` to it and same result INSERT INTO `orders` (Firstname, surname, telephone, email, title, description) VALUES ([redacted]) Edited June 27, 2018 by requinix Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 22, 2011 Share Posted April 22, 2011 Was there an error returned? Post the current revision of the relevant code, please. Quote Link to comment Share on other sites More sharing options...
Vultima Posted April 22, 2011 Author Share Posted April 22, 2011 <?php $con = mysql_connect("localhost","root","rhysrhys"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("hagidolls", $con); $sql="INSERT INTO `orders` (Firstname, surname, telephone, email, title, description) VALUES ('$_POST[name]','$_POST[lname]','$_POST[tele]','$_POST[mail]','$_POST[title]','$_POST[descriptions]')"; echo $sql; //if (!mysql_query($sql,$con)) // { //die('Error: ' . mysql_error()); //} //echo "Order Has been Submitted, Being Redirected in 5 Seconds"; mysql_close($con); ?> Also this is page where the form is <form action="admin/insertorder.php" method="post"> <p>First Name: <input type="text" name="name" /><br /> Last Name: <input type="text" name="lname" /><br /> Telephone: <input type="text" name="tele" /><br /> Email: <input type="text" name="mail" /><br /> <br/> Artwork Title: <input type="text" name="title" /><br /> <br/> Description of what you would like to be made..<br> <textarea type="text" onKeyPress="return taLimit(this)" onKeyUp="return taCount(this,'myCounter')" name="descriptions" rows=7 wrap="physical" cols=40> </textarea> <br><br> You have <B><SPAN id=myCounter>2000</SPAN></B> characters remaining for your description...</font> <br/> <br/> <input type="submit" /> </form> Quote Link to comment Share on other sites More sharing options...
EmperorJazzy Posted April 22, 2011 Share Posted April 22, 2011 Ok; strange, but could you try renaming the table to tblOrders or alternatively, using [orders] for the table name. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 22, 2011 Share Posted April 22, 2011 You didn't uncomment the query execution, but try this and see if it works. If it does, then you can continue by escaping the data to help prevent SQL injection . . . mysql_select_db("hagidolls", $con); $sql="INSERT INTO `orders` (Firstname, surname, telephone, email, title, description) VALUES ('$_POST[name]','$_POST[lname]','$_POST[tele]','$_POST[mail]','$_POST[title]','$_POST[descriptions]')"; if( !mysql_query($sql) ) { // what to do if query fails to execute echo "<br>Query: $sql<br>Failed with error: " . mysql_error() . '<br>'; } else { // what to do if query runs . . . if( mysql_affected_rows() === 1 ) { // only one record is expected to be inserted echo "Query inserted one record."; } else { // any number of rows other than one can be considered an error condition echo "Error: query ran, but inserted " . mysql_affected_rows() . " records."; } } mysql_close($con); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.