Jim R Posted September 1, 2011 Share Posted September 1, 2011 I have a form that is passing the User to following code. The code below is just ported from another site that I created, which works extremely well. I've had to change the datatable, database connection and some of the variables for this site, but it's otherwise the same. I've triple checked the variables. The datatable is accurate. It doesn't appear to be passing variable from the Form with the exception of "content", and I'm getting the following error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'year='', position='', content='Test', ppg='', rp' at line 6 Query: INSERT INTO players SET playerFirst='', playerLast='', feet='', inches='' year='', position='', content='Test', ppg='', rpg='', apg='', spg='', bpg='', fgp='', ftp='', status='' What am I missing? <?php include('db.php'); $playerFirst = $_POST['playerFirst']; $playerLast = $_POST['playerLast']; $feet = $_POST['feet']; $inches = $_POST['inches']; $year = $_POST['year']; $position = $_POST['position']; $content = $_POST['content']; $ppg = $_POST['ppg']; $rpg = $_POST['rpg']; $apg = $_POST['apg']; $spg = $_POST['spg']; $bpg = $_POST['bpg']; $fgp = $_POST['fgp']; $ftp = $_POST['ftp']; $status = $_POST['status']; //if(isSet($_POST['playerFirst']['playerLast']['feet']['inches']['year']['status'])) //{ /* search for existing row */ $sql = "SELECT msg_id FROM players WHERE playerFirst='".mysql_real_escape_string($playerFirst)."' AND playerLast='".mysql_real_escape_string($playerLast)."'"; if(!$result = mysql_query($sql)) { die(mysql_error()."<br />Query: ".$sql); } if(mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); /* update existing row */ $sql = "UPDATE players SET feet='".mysql_real_escape_string($feet)."', inches='".mysql_real_escape_string($inches)."' year='".mysql_real_escape_string($year)."', position='".mysql_real_escape_string($position)."', content='".$content."', ppg='".$ppg."', rpg='".$rpg."', apg='".$apg."', spg='".$spg."', bpg='".$bpg."', fgp='".$fgp."', ftp='".$ftp."', status='".$status."', WHERE msg_id='".$row['msg_id']."'"; if(!$result = mysql_query($sql)) { die(mysql_error()."<br />Query: ".$sql); } } else { /* insert new row */ $sql = "INSERT INTO players SET playerFirst='".mysql_real_escape_string($playerFirst)."', playerLast='".mysql_real_escape_string($playerLast)."', feet='".mysql_real_escape_string($feet)."', inches='".mysql_real_escape_string($inches)."' year='".mysql_real_escape_string($year)."', position='".mysql_real_escape_string($position)."', content='".$content."', ppg='".$ppg."', rpg='".$rpg."', apg='".$apg."', spg='".$spg."', bpg='".$bpg."', fgp='".$fgp."', ftp='".$ftp."', status='".$status."'"; if(!$result = mysql_query($sql)) { die(mysql_error()."<br />Query: ".$sql); } } Quote Link to comment Share on other sites More sharing options...
Alex Posted September 1, 2011 Share Posted September 1, 2011 That's the syntax for an UPDATE query, not an INSERT query. Quote Link to comment Share on other sites More sharing options...
Jim R Posted September 1, 2011 Author Share Posted September 1, 2011 That's the syntax for an UPDATE query, not an INSERT query. Ok...I guess, but it's working quite well on another site, which is currently in the part of the year when it's most used. I've had additions made to it today. The other issue is it's passing the value for "content" but not the other fields. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 1, 2011 Share Posted September 1, 2011 Actually, that's an alternative way of forming an INSERT query. You have a missing comma in the list of field/values, right at the point that the error message is calling your attention to. Quote Link to comment Share on other sites More sharing options...
Jim R Posted September 1, 2011 Author Share Posted September 1, 2011 Status is my last field. Where should a comma go? Quote Link to comment Share on other sites More sharing options...
jcbones Posted September 1, 2011 Share Posted September 1, 2011 According to the manual, you may use the SET clause in an INSERT query. Although, this query would always fail, as the comma before the 'year' column is omitted. Quote Link to comment Share on other sites More sharing options...
Alex Posted September 1, 2011 Share Posted September 1, 2011 Actually, that's an alternative way of forming an INSERT query. You have a missing comma in the list of field/values, right at the point that the error message is calling your attention to. Oh, cool. Learn something new every day. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 1, 2011 Share Posted September 1, 2011 Where should a comma go? Someone told you - right at the point that the error message is calling your attention to. Did you read the error message? Also, you could always just look at your code or the query that you echoed out. Quote Link to comment Share on other sites More sharing options...
Jim R Posted September 1, 2011 Author Share Posted September 1, 2011 Ok...I got rid of the errors. There were a few, another comma and two bad variables. HOWEVER, the only value being passed is the one for "content". There is another aspect of this that maybe I didn't understand. In using this code for this site, I have some javascript going on that is suppose to show the submission on the page in real time, without having to refresh. It's working with the...you guessed it...the "content" field. I assumed the JS just created the effect then passed the User to the code that processes the data. Do I have to reflect all the fields I need passed in the JS??? (I don't work with JS at all. It was a open source code.) <script type="text/javascript"> $(function() { $(".comment_button").click(function() { var element = $(this); var boxval = $("#content").val(); var dataString = 'content='+ boxval; if(boxval=='') { alert("Please Enter Some Text"); } else { $("#flash").show(); $("#flash").fadeIn(400).html('<img src="ajax.gif" align="absmiddle"> <span class="loading">Loading Update...</span>'); $.ajax({ type: "POST", url: "/live_update/update_data.php", data: dataString, cache: false, success: function(html){ $("ol#update").prepend(html); $("ol#update li:first").slideDown("slow"); document.getElementById('content').value=''; $("#flash").hide(); } }); } return false; }); $('.delete_update').live("click",function() { var ID = $(this).attr("id"); var dataString = 'msg_id='+ ID; if(confirm("Sure you want to delete this update? There is NO undo!")) { $.ajax({ type: "POST", url: "/live_update/delete_data.php", data: dataString, cache: false, success: function(html){ $(".bar"+ID).slideUp('slow', function() {$(this).remove();}); } }); } return false; }); }); </script> Quote Link to comment Share on other sites More sharing options...
Jim R Posted September 1, 2011 Author Share Posted September 1, 2011 Maybe I should clarify. The JS is on the file with the form. From the form to the update_data.php, it appears to only be passing along the Content field. Would the JS have any effect on that? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.