forumnz Posted January 27, 2008 Share Posted January 27, 2008 My code is meant to email someone and insert the data into db. It just gives the error: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' You have been emailed because submitted your email address through th' at line 3 Here is my code - please help: <?php $name = $_POST['name']; $business_name = $_POST['business_name']; $emailm = $_POST['email']; $contact = $_POST['contact']; $id = $_POST['id']; include('connectdb.php'); $sql ="SELECT * FROM `fflists` WHERE `id`='$id'"; $result = mysql_query($sql) or die(mysql_error()); while($row = mysql_fetch_array($result)) { $email = $row['email']; $uname = $row['name']; } # Below is for business $message = "Hi " . $uname . ", <br /><br />" . $name . " has seen your " . $business_name . " listing on FoodFinder. They have written a message for you. Please note, this message has not been screened by FoodFinder staff and is not responsible for it's content.<br /><br />Regards,<br />FoodFinder Staff<br /><br />Submitted Content:<br /><br />Name: " . $name . "<br />Contact: " . $contact . "<br />Message: " . $emailm . ""; $subject = "FoodFinder Contact"; mail($cemail,$subject,$message,$headers); include('connectdb.php'); $sql = ("INSERT INTO submitted_emails (buzzid, name, contact, message, email) VALUES ('$id','$name','$contact','$emailm',$message)"); if (!mysql_query($sql)) { die('Error: ' . mysql_error()); } ?> Thanks! Link to comment https://forums.phpfreaks.com/topic/88083-strange-syntax-error/ Share on other sites More sharing options...
papaface Posted January 27, 2008 Share Posted January 27, 2008 should be: <?php $name = $_POST['name']; $business_name = $_POST['business_name']; $emailm = $_POST['email']; $contact = $_POST['contact']; $id = $_POST['id']; include('connectdb.php'); $sql ="SELECT * FROM `fflists` WHERE `id`='$id'"; $result = mysql_query($sql) or die(mysql_error()); while($row = mysql_fetch_array($result)) { $email = $row['email']; $uname = $row['name']; } # Below is for business $message = "Hi " . $uname . ", <br /><br />" . $name . " has seen your " . $business_name . " listing on FoodFinder. They have written a message for you. Please note, this message has not been screened by FoodFinder staff and is not responsible for it's content.<br /><br />Regards,<br />FoodFinder Staff<br /><br />Submitted Content:<br /><br />Name: " . $name . "<br />Contact: " . $contact . "<br />Message: " . $emailm . ""; $subject = "FoodFinder Contact"; mail($cemail,$subject,$message,$headers); include('connectdb.php'); $sql = ("INSERT INTO submitted_emails (buzzid, name, contact, message, email) VALUES ('$id','$name','$contact','$emailm','$message')"); if (!mysql_query($sql)) { die('Error: ' . mysql_error()); } ?> Link to comment https://forums.phpfreaks.com/topic/88083-strange-syntax-error/#findComment-450626 Share on other sites More sharing options...
forumnz Posted January 27, 2008 Author Share Posted January 27, 2008 That didn't work? I now get: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's content. Regards, FoodFinder Staff Submitted Conten' at line 3 Link to comment https://forums.phpfreaks.com/topic/88083-strange-syntax-error/#findComment-450629 Share on other sites More sharing options...
PHP Monkeh Posted January 27, 2008 Share Posted January 27, 2008 Either addslashes() or mysql_real_escape_string() the strings you're inputting. The reason it'll be generating errors is because you have an apostrophe in one of your inputs somewhere. Do this at your string input stage: <?php $name = mysql_real_escape_string($_POST['name']); // OR $name = addslashes($_POST['name']); ?> Link to comment https://forums.phpfreaks.com/topic/88083-strange-syntax-error/#findComment-450650 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.