Trouble Inserting into a Database

[Riyoku]

I'm... a complete idiot. I've spent hours upon hours searching across google for an answer to this(and of course the websites it has brought up) and even tried implementing a code a friend had made me several years ago (following it as a basic guideline) for the same website - that worked, but only with what they gave it to me for. >>

What I'm trying to do is make a small basic control panel that only I will have access to. I've got the html done, but now I'm doing the PHP. I'm trying to keep the php code very basic so it will be at my level of knowledge. Roadblock though. I've managed to get my first control panel form to access my database(MySQL), I'm very sure of this as at the bottom of the form, I've programmed it to list all items already in my "news" table of my database. The problem is however, something seems to be wrong with my insert statement for the form... it's hitting a brickwall somewhere and every website just tells me to do it the way I already am. Enough with trying to describe my perdicament, here comes the facts.

The table I'm using is called "news" - it has a total of 8 fields; id, type, title, month, day, year, body, and by.

The code I'm using to insert is such -
[code]<?php
include "db.php";

$type = $_POST['type'];
$title = $_POST['title'];
$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$body = $_POST['body'];
$by = $_POST['by'];

mysql_query("insert into news(type, title, month, day, year, body, by) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')") or die("Insert error : ". mysql_error());
?>[/code]

The error I'm receiving says -
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Insert error : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'by) values('news', 'testing', '03', '09', '06', 'testing', 'riy[/quote]

My host is avahost, not sure if that helps....

If you need more information from me, please poke me and let me know. Any and all help is vital and greatly appreciated.

EDIT - Updated code and quote, thank you for the fast help. It's still being stubborn though ^^"

[kenrbnsn]

It's amazing you didn't get a syntax error on this line:
[code]<?php
mysql_query("insert into news(type, title, month, day, year, body, by) values("$type", "$title", "$month", "$day", "$year", "$body", "$by")") or die("Insert error:" . mysql_error());
?>[/code]
You have too many double quotes, you should change it to:
[code]<?php
mysql_query("insert into news(type, title, month, day, year, body, by) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')") or die("Insert error:" . mysql_error());
?>[/code]
or
[code]<?php
$ q = "insert into news(type, title, month, day, year, body, by) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')";
$ mysql_query($q) or die('Problem with query: ' . $q . '<br />' . mysql_error());
?>[/code]

Ken

[Riyoku]

updated code to -
[code]<?php
include "db.php";

$type = $_POST['type'];
$title = $_POST['title'];
$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$body = $_POST['body'];
$by = $_POST['by'];

mysql_query("insert into news(type, title, month, day, year, body, by) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')") or die("Insert error : ". mysql_error());
?>[/code]

error changed to -
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Insert error : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'by) values('news', 'testing', '03', '09', '06', 'testing', 'riy[/quote]

Thank you for the fast help, I wish it wasn't still fighting me though. But I'm sure your suggestion just prevented a problem I was/would be having at some point anyway. X3

[kenrbnsn]

"by" is a reserved word to MySQL, so surround it with backticks:
[code]<?php
mysql_query("insert into news(type, title, month, day, year, body, `by`) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')") or die("Insert error : ". mysql_error());
?>[/code]

Ken

[Riyoku]

[!--quoteo(post=353382:date=Mar 9 2006, 03:48 PM:name=kenrbnsn)--][div class=\'quotetop\']QUOTE(kenrbnsn @ Mar 9 2006, 03:48 PM) [snapback]353382[/snapback][/div][div class=\'quotemain\'][!--quotec--]
"by" is a reserved word to MySQL, so surround it with backticks:
[code]<?php
mysql_query("insert into news(type, title, month, day, year, body, `by`) values('$type', '$title', '$month', '$day', '$year', '$body', '$by')") or die("Insert error : ". mysql_error());
?>[/code]

Ken
[/quote]

Oh... my.... -GLEEEEEEEE- you.. you... you're right, you're right! I had no clue about that... I should just re-name it anyway to "author" or "admin" as soon as possible. But jeeze! It went through! With correct data and everything! I'm sorry, it's just... hours and hours and such... and now I finally have my answer. I owe you big time, and I should really have sucked up my pride and come here to begin with... at least I will next time I'm stuck instead of staring at the same string of code for hours... o_o

Do answered topics get locked?

[AV1611]

Can I suggest you just always get in the habbit of putting all your field names in `backticks` until you get more proficient...

That helped me a ton... It's never WRONG to use them... You can even do

select `$definedvariable` from table...

Basically, leave the shortcuts to the experts, and do things longhand until you "earn" the shortcuts... At least, that was/is my approach...

For example, when I did loops for a long time, I did them like this

$i=0;
// some stuff
$i=$i+1;

later, I used the easier
$i++;


It just helped me visualize the code flow better...