Jump to content

INSERT INTO Problem

cutielou22

By cutielou22
in PHP Coding Help

 Share

Recommended Posts

cutielou22 Regular Member

cutielou22

Posted
Posted

Not sure what is going on I tried everything (well, that I could think of) . . . any ideas are welcome (hopefully new ones - getting frustrated :/)

if ($mysqli->prepare("INSERT INTO solcontest_entries (title, image,content, user, contest) VALUES ($title, $image, $content, $userid, $contest")) {
$stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)");
$stmt2->bind_param('sssss', $title, $image, $content, $userid, $contest);
$stmt2->execute();
$stmt2->store_result();
$stmt2->fetch();
$stmt2->close();
} else {
			
	die(mysqli_error($mysqli));

}

Error I get from die mysqli_error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' of the site's lead ad, user_61609201, contest_1' at line 1"

 

I have also tried $mysqli->query no change occured. I added the "if else die" statement because it was giving no errors, but not adding it to the database.

 

It gives the error where $content is supposed to be inserted.

 

Various combos and singles I tried for the variable:

//$content =  cleansafely($_POST['content']);
//$content = mysqli_real_escape_string ($mysqli, $_POST['content']);
//$content = cleansafely($content);
$content = $_POST['content'];

If any more information is needed please let me know.

Link to comment
Share on other sites
Ch0cu3r Newbie

Ch0cu3r

Posted
Posted

You are preparing the query twice here. Why?

if ($mysqli->prepare("INSERT INTO solcontest_entries (title, image,content, user, contest) VALUES ($title, $image, $content, $userid, $contest")) {
$stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)");

You only need to prepare the query once. The values in a prepared query should be substituted with placeholders. You then use bind_param to bind the values to the placeholders. When you execute the query mysql will use the bound values in place of the placeholders.

 

Your code should be

if ($stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)")) {
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.