klobking Posted August 30, 2012 Share Posted August 30, 2012 Hello, I'm fairly new to PHP and usually I will keep reading and struggling away till I find my answer but, this one has me really stumped. Basically, I'm submitting a form one of the post objects is "categories" I'm then storing "categories in $cat, to be used as a part mysql database reference so the data is submitted to the correct table in the database... My problem is it's just not working... Could anybody give me any hints or tips on how to get this work... or am I going about this all wrong? My code is: <?php $con = mysql_connect("localhost","username","password"); $cat = $_POST[category]; if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("databasename", $con); $sql="INSERT INTO gpc_'$cat ($cat_title, $cat_info) VALUES ('$_POST[title]','$_POST[info]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Working"; mysql_close($con); ?> Any help would be wonderful! mod edit: code in code tags please Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 It's probably not working because you have a single quote before $cat. That said, you need to sanitize your user input. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 Apologies that single quote isn't actually in the script I was just trying to quote the variable to see if that would fix it, and must have missed one before i posted my sample. Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 In that case, "just isn't working" isn't enough for us to go on. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 This area will also be completely unreachable to the end user it's admin use only. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 Apologies again :/ The error I'm receiving is as follows: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' ) VALUES ('title test',' content test ')' at line 1 Quote Link to comment Share on other sites More sharing options...
Christian F. Posted August 30, 2012 Share Posted August 30, 2012 Print out the SQL query, and see how it looks. That should give you the problem, and lead you to what you need to do to fix it. And you still need to validate all input and escape all output, otherwise you will be open for attackers. Even if you trust your users, you don't want to trust everything that goes on within their computers and/or other pages they visit at the same time. Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 Change die('Error: ' . mysql_error()); to die('Error: ' . mysql_error().' SQL: '.$sql); And see what the problem is in your query. It's probably due to $cat_title, $cat_info being undefined. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 I've tried changing that but the error report is identical. Very sorry for being a bit of a pain. What would be the correct syntax to create a new variable that includes a variable followed by plaintext? For example $cat_title = $cat + Plain text ]; ~Obviously it's not "+ Plain text", that's the bit I'm stumped with Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 I've tried changing that but the error report is identical. [/quote[ Not possible, it would print at least the SQL: part even if somehow $sql was empty. What would be the correct syntax to create a new variable that includes a variable followed by plaintext? $cat_title = $cat.'Text'; Read the manual. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 All fixed and sorted thank you very much Even if you were a little grumpy! Everyone has to start somewhere! Quote Link to comment Share on other sites More sharing options...
Christian F. Posted August 30, 2012 Share Posted August 30, 2012 You're welcome, and we're glad we could help. However, I'd like to point out that neither of us are grumpy. We're just to the point, and trying to teach you how to figure these things out for yourself. I strongly recommend that you read the excellent article How to ask questions the smart way, and pay especially close attention to the introduction. A small quote from it: If you find this attitude obnoxious, condescending, or arrogant, check your assumptions... Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 I'm grumpy, but it has nothing to do with you people. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 I'll have a good read of it now Seems I should show a bit more respect and read the rules before posting! Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 30, 2012 Share Posted August 30, 2012 Seems I should [...] read the rules before posting! See, that just seems like common sense :-P Quote Link to comment Share on other sites More sharing options...
Christian F. Posted August 30, 2012 Share Posted August 30, 2012 klobking: Sounds like a good idea, yes. Jesi: Awww... *Hugs* Hope whatever it is either gets better or goes away soon. Quote Link to comment Share on other sites More sharing options...
klobking Posted August 30, 2012 Author Share Posted August 30, 2012 A lesson in PHP and common sense! It's been an enlightening experience for me! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.