Tanelorn Posted December 6, 2012 Share Posted December 6, 2012 I got an error in my code and I'm not really sure of what it might be... this is the problem that I get I guess the problem is in the area that I will colour red in the code below. Since that is the 8th row of sql that is initiated I moved the green one to the end of the other row and the number switched from 8 to 7 so it is that code that is red that atm is what I see is the error so if someone could help me with this I would really appreciate it. <?php include '../../php/header2.php'; echo' <!--Mainbody--> <div align="center"class="box">'; echo '<h2>Create a topic</h2>'; if($_SESSION['signed_in'] == false) { echo 'Sorry, you have to be <a href="/forum/signin.php">signed in</a> to create a topic.'; } else { if($_SERVER['REQUEST_METHOD'] != 'POST') { $sql = "SELECT cat_id, cat_name, cat_description FROM categories"; $result = mysql_query($sql); if(!$result) { echo 'Error while selecting from database. Please try again later.'; } else { if(mysql_num_rows($result) == 0) { if($_SESSION['user_level'] == 1) { echo 'You have not created categories yet.'; } else { echo 'Before you can post a topic, you must wait for an admin to create some categories.'; } } else { echo '<form method="post" action=""> Subject: <input type="text" name="subcat_name" /><br /> Category:'; echo '<select name="subcat_cat">'; while($row = mysql_fetch_assoc($result)) { echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>'; } echo '</select><br />'; echo 'Message: <br /><textarea name="subcat_description" /></textarea><br /><br /> <input type="submit" value="Create subcategory" /> </form>'; } } } else { $query = "BEGIN WORK;"; $result = mysql_query($query); if(!$result) { echo 'An error occured while creating your topic. Please try again later.'; } else { $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; $result = mysql_query($sql); if(!$result) { echo 'An error occured while inserting your data. Please try again later.<br /><br />' . mysql_error(); $sql = "ROLLBACK;"; $result = mysql_query($sql); } else { $sql = "COMMIT;"; $result = mysql_query($sql); echo 'You have succesfully created <a href="subcategories.php?id='. $subcat_id . '">your new subcategorie</a>.'; } } } } ?> <?php echo '</div> <!--Bottom--> <div align="left"class="bottom"> </div>'; ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 6, 2012 Share Posted December 6, 2012 You do realize that no one likes visiting a web site with a dark background with dark text on it and no one here wants to try and read an error message with a dark background with dark text on it. Just copy/paste the text of the output you are getting into a post in this thread so that someone could help you with it. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted December 6, 2012 Share Posted December 6, 2012 (edited) in this part of your code: $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; the error is very clear... just a matter of count elements correctly... 3 fields.... 4 Values Edited December 6, 2012 by mikosiko Quote Link to comment Share on other sites More sharing options...
Christian F. Posted December 6, 2012 Share Posted December 6, 2012 If you print out the completed query, you should spot the error. I'll give you a hint, it's about quotes. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted December 6, 2012 Share Posted December 6, 2012 If you print out the completed query, you should spot the error. I'll give you a hint, it's about quotes. Yes.. in addition to number of elements Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 in this part of your code: $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; the error is very clear... just a matter of count elements correctly... 3 fields.... 4 Values Could you explain it more clear since english inst my main language and I'm still learning php and thanks this is actually the first problem I've gotten so far Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 (edited) Here you are selecting 3 fields: $sql = "INSERT INTO subcategories (subcat_name,//1 subcat_cat,//2 subcat_description)//3 In this part: VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "',//1 NOW(),//2 " . mysql_real_escape_string($_POST['subcat_cat']) . "//3 " . mysql_real_escape_string($_POST['subcat_description']) . "//4 )"; You are attempting to insert 4 values. Edited December 6, 2012 by AoTBuNgLe Quote Link to comment Share on other sites More sharing options...
Christian F. Posted December 6, 2012 Share Posted December 6, 2012 (edited) Count the number of fields you've specified (subcat_name, subcat_cat and subcat_description), and compare that against the number of values you're trying to insert (subcat_name, now(), subcat_cat, and subcat_description). BTW: It's quite redundant to repeat the table name in the fields, at least for fields that aren't foreign keys. You're always specifying the table anyway, so there is really no need to do so twice. AutoBungle: Formatting doesn't really work inside code tags. Edited December 6, 2012 by Christian F. Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 Count the number of fields you've specified (subcat_name, subcat_cat and subcat_description), and compare that against the number of values you're trying to insert (subcat_name, now(), subcat_cat, and subcat_description). BTW: It's quite redundant to repeat the table name in the fields, at least for fields that aren't foreign keys. You're always specifying the table anyway, so there is really no need to do so twice. AutoBungle: Formatting doesn't really work inside code tags. I tried to fix this by deleting the now() and I still get the same error... And thanks all for the help I really do appreciate it. Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted December 6, 2012 Share Posted December 6, 2012 (edited) $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; Your original error message is related to not having $_POST['subcat_cat'] and/or $_POST['subcat_description'] wrapped with single-quotes. Since I don't know the field type of each, I can only assume that `subcat_description` is string while `subcat_cat` may or may not be numeric. TO be on the safe side, I'm going to assume it's string, too. Try this: $sql = "INSERT INTO subcategories ( `subcat_name`, `subcat_cat`, `subcat_description` ) VALUES( '" . mysql_real_escape_string($_POST['subcat_name']) . "', '" . mysql_real_escape_string($_POST['subcat_cat']) . "', '" . mysql_real_escape_string($_POST['subcat_description']) . "' )"; Edited December 6, 2012 by mrMarcus Quote Link to comment Share on other sites More sharing options...
Christian F. Posted December 6, 2012 Share Posted December 6, 2012 As mentioned above, there are/were several errors with your query. I gave you a hint to the remaining one, which is what you got an error message about. In fact, if you had sorted it out first, then you'd get an error message about the problem you just fixed. Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 AutoBungle: Formatting doesn't really work inside code tags. I am lazy sometimes I had to edit about 6 times, it kept automatically putting the color there even after I copied and pasted from his original post with no tags Also, shouldn't he really be escaping the data JUST before the query? Because then he can do //insert table blah blah VALUES ("{$_POST['subcat_name']}","{$_POST['subcat_cat']}","$_POST['subcat_description']"); And for the timestamp, I've read to read it in the php like so: $date = date("Y-m-d H:i:s", time()); Then put that into the query where his field is (which should be DATETIME type)? Kind regards. AoTB. Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; Your original error message is related to not having $_POST['subcat_cat'] and/or $_POST['subcat_description'] wrapped with single-quotes. Since I don't know the field type of each, I can only assume that `subcat_description` is string while `subcat_cat` may or may not be numeric. TO be on the safe side, I'm going to assume it's string, too. Try this: $sql = "INSERT INTO subcategories ( `subcat_name`, `subcat_cat`, `subcat_description` ) VALUES( '" . mysql_real_escape_string($_POST['subcat_name']) . "', '" . mysql_real_escape_string($_POST['subcat_cat']) . "', '" . mysql_real_escape_string($_POST['subcat_description']) . "' )"; Yeah I just fixed that but I still get the same error but on line 7 atm not 8 but that is just because the "now()" was erased. And just to let everyone know this is for my school project so please don't expect me to understand everything that easy so I be real happy if you explain it thoroughly Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 (edited) Edit: dont mind me, completely wrong. Ok, what is the actual error which is displaying to you? I think it's either your double quotes or I don't know. Kind regards, AotB. Edited December 6, 2012 by AoTBuNgLe Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 (edited) Edit: dont mind me, completely wrong. Ok, what is the actual error which is displaying to you? I think it's either your double quotes or I don't know. Kind regards, AotB. An error occured while inserting your data. Please try again later. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test )' at line 7 and it's the same code except that the now() is deleted from there since the other two is actually the values I need. And double quotes where are they? (in my code) Sorry for not seeing this mostlikely simple problem Edited December 6, 2012 by Tanelorn Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 (edited) I'm very new to php dude so I'm just trying to think what it could be. Change this part of your code: $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; To this: $_POST['subcat_name'] = mysql_real_escape_string($_POST['subcat_name']); $_POST['subcat_cat'] = mysql_real_escape_string($_POST['subcat_cat']); $_POST['subcat_description'] = mysql_real_escape_string($_POST['subcat_description']); $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES ('{$_POST['subcat_name']}','{$_POST['subcat_cat']}','{$_POST['subcat_description']}')"; Let me know if it works I use prepared statements now but when I did use the normal mysql type functions I always escaped it like this before inserting. Edit: the error message you posted, which line is line 7 because I looked at your code at the top and I can't see a problem at line 7? Regards, AotB. Edited December 6, 2012 by AoTBuNgLe Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 I'm very new to php dude so I'm just trying to think what it could be. Change this part of your code: $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES('" . mysql_real_escape_string($_POST['subcat_name']) . "', NOW(), " . mysql_real_escape_string($_POST['subcat_cat']) . " " . mysql_real_escape_string($_POST['subcat_description']) . " )"; To this: $_POST['subcat_name'] = mysql_real_escape_string($_POST['subcat_name']); $_POST['subcat_cat'] = mysql_real_escape_string($_POST['subcat_cat']); $_POST['subcat_description'] = mysql_real_escape_string($_POST['subcat_description']); $sql = "INSERT INTO subcategories (subcat_name, subcat_cat, subcat_description) VALUES ('{$_POST['subcat_name']}','{$_POST['subcat_cat']}','{$_POST['subcat_description']}')"; Let me know if it works I use prepared statements now but when I did use the normal mysql type functions I always escaped it like this before inserting. Regards, AotB. Well after that this actually happend http://i.imgur.com/ISl0m.png Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 Also, I copied and pasted your whole code and it and there is a definite syntax error with quotes. Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 6, 2012 Author Share Posted December 6, 2012 Also, I copied and pasted your whole code and it and there is a definite syntax error with quotes. Any idea how to solve it? Quote Link to comment Share on other sites More sharing options...
Christian F. Posted December 6, 2012 Share Posted December 6, 2012 Tanelorn: Echo it out to screen after constructing it, then it'll be a lot easier to see what's wrong with it. Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted December 6, 2012 Share Posted December 6, 2012 Ima duck out of this one, it seems I should watch and learn Quote Link to comment Share on other sites More sharing options...
Tanelorn Posted December 9, 2012 Author Share Posted December 9, 2012 I managed to solve the problem and thanks everyone for the information needed, much appreciated ^^ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.