AbydosGater Posted December 3, 2006 Share Posted December 3, 2006 Hi i am running the following few lines of code...<?phpmysql_query("INSERT INTO `sf_profiles` ( `member_id` , `code` , `lastupdate` , `views` ) VALUES ('$member_id', '$code', '', '')") or die(mysql_error()); echo "<font color=white><i>The system has detected that you have not set up a profile yet,<br>and has entered the correct information to the database so you may continue.</i></font><br>"; }?>Thats in the middle of my script along the way.I was having this problem and getting the error. so i copyed an INSERT from phpmyadmin..*(the above code) And im still getting the following error..You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'stored. ', '', '' )' at line 4Anyone know why? i got it working in phpmyadmin :P:? Link to comment https://forums.phpfreaks.com/topic/29306-sql-syntax-error-should-not-be/ Share on other sites More sharing options...
craygo Posted December 3, 2006 Share Posted December 3, 2006 I looks like your $code variable contains syntax charactors. try this[code]mysql_query("INSERT INTO `sf_profiles` ( `member_id` , `code` , `lastupdate` , `views` )VALUES ('$member_id', '".mysql_real_escape_string($code)."', '', '')") or die(mysql_error());[/code]ray Link to comment https://forums.phpfreaks.com/topic/29306-sql-syntax-error-should-not-be/#findComment-134312 Share on other sites More sharing options...
kenrbnsn Posted December 3, 2006 Share Posted December 3, 2006 Do any of the values that you are attempting to store contain single quotes? You should always pass string values through the funtion [url=http://www.php.net/mysql_real_escape_string]mysql_real_escape_string()[/url] when storing them in the database. This function will escape a number of characters that can be harmful to MySQL.Also if you store your query in a variable, then then "or die" clause becomes much more useful, since the query that caused the problem can be displayed.[code]<?php$q = "INSERT INTO `sf_profiles` ( `member_id` , `code` , `lastupdate` , `views` )VALUES ('$member_id', '$code', '', '')";$rs = mysql_query($q) or die("Problem with the query: $q<br>" . mysql_error()); echo "<font color=white>The system has detected that you have not set up a profile yet,and has entered the correct information to the database so you may continue.</font>"; }?>[/code]Ken Link to comment https://forums.phpfreaks.com/topic/29306-sql-syntax-error-should-not-be/#findComment-134316 Share on other sites More sharing options...
AbydosGater Posted December 3, 2006 Author Share Posted December 3, 2006 It looks as though both of you are correct, thank you both Link to comment https://forums.phpfreaks.com/topic/29306-sql-syntax-error-should-not-be/#findComment-134336 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.