cutielou22 Posted March 15, 2015 Share Posted March 15, 2015 Not sure what is going on I tried everything (well, that I could think of) . . . any ideas are welcome (hopefully new ones - getting frustrated :/) if ($mysqli->prepare("INSERT INTO solcontest_entries (title, image,content, user, contest) VALUES ($title, $image, $content, $userid, $contest")) { $stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)"); $stmt2->bind_param('sssss', $title, $image, $content, $userid, $contest); $stmt2->execute(); $stmt2->store_result(); $stmt2->fetch(); $stmt2->close(); } else { die(mysqli_error($mysqli)); } Error I get from die mysqli_error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' of the site's lead ad, user_61609201, contest_1' at line 1" I have also tried $mysqli->query no change occured. I added the "if else die" statement because it was giving no errors, but not adding it to the database. It gives the error where $content is supposed to be inserted. Various combos and singles I tried for the variable: //$content = cleansafely($_POST['content']); //$content = mysqli_real_escape_string ($mysqli, $_POST['content']); //$content = cleansafely($content); $content = $_POST['content']; If any more information is needed please let me know. Link to comment https://forums.phpfreaks.com/topic/295234-insert-into-problem/ Share on other sites More sharing options...
Ch0cu3r Posted March 15, 2015 Share Posted March 15, 2015 You are preparing the query twice here. Why? if ($mysqli->prepare("INSERT INTO solcontest_entries (title, image,content, user, contest) VALUES ($title, $image, $content, $userid, $contest")) { $stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)"); You only need to prepare the query once. The values in a prepared query should be substituted with placeholders. You then use bind_param to bind the values to the placeholders. When you execute the query mysql will use the bound values in place of the placeholders. Your code should be if ($stmt2 = $mysqli->prepare("INSERT INTO `solcontest_entries` (title, image, content, user, contest) VALUES (?, ?, ?, ?, ?)")) { Link to comment https://forums.phpfreaks.com/topic/295234-insert-into-problem/#findComment-1508117 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.