Error in SQL Syntax when Inserting - php
I have been getting intermittent errors that come across like this.
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near '9 Sï¾')' at line 215
I don't get this everytime. Here is the code that it says the error occurs in. I am escaping all data before storing in the session and then inserting the session into the database. Line 215 is
'{$_SESSION['other-income-amount']}',
Here is the full code.
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO `application` (`ID`, `DATE`, `interested`, `intereseted2`,
`final`,
`type`,
`loan-type`,
`other-loan-type`,
`monthly-payment`,
`loan-total`,
`vehicle-submit`,
`name`,
`date-of-birth-month`,
`date-of-birth-day`,
`date-of-birth-year`,
`street`,
`city`,
`state`,
`zip`,
`marital-status`,
`personal-info-submit`,
`occupation`,
`salary`,
`date-of-employment`,
`employer-phone`,
`employer-phone2`,
`employer-phone3`,
`employer-address`,
`employer-city`,
`employer-state`,
`other-income`,
`other-income-amount`,
`income-submit`,
`mortgage`,
`creditor`,
`creditor2`,
`creditor3`,
`alimony`,
`orig-amount`,
`orig-amount1`,
`orig-amount2`,
`orig-amount3`,
`orig-amount4`,
`pres-balance`,
`pres-balance1`,
`pres-balance2`,
`pres-balance3`,
`mo-amount`,
`mo-amount1`,
`mo-amount2`,
`mo-amount3`,
`debts-info-submit`,
`reference-info-submit`,
`areacode`,
`middlethree`,
`lastfour`,
`email`,
`accountnumber`,
`month-of-employment`,
`day-of-employment`,
`year-of-employment`,
`relative-name`,
`relative-street`,
`relative-city`,
`relative-state`,
`relative-zip`,
`relative-phone1`,
`relative-phone2`,
`relative3`,
`relative-email`,
`relathionship`,
`posted_data`,
`personal-reason`,
`personal-submit`,
`total-amount`,
`other-submit`,
`additional-info`,
`joint-info-submit`,
`coname`,
`codate-of-birth-month`,
`codate-of-birth-day`,
`codate-of-birth-year`,
`costreet`,
`cocity`,
`costate`,
`cozip`,
`cophone`,
`cophone2`,
`cophone3`,
`coemail`,
`comarital-status`,
`coaccount`,
`cooccupation`,
`cosalary`,
`codate-of-employment-month`,
`codate-of-employment-day`,
`codate-of-employment-year`,
`coemployer-phone`,
`coemployer-phone-2`,
`coemployer-phone-3`,
`coemployer-address`,
`coemployer-city`,
`coemployer-state`,
`coother-income`,
`coother-income-amount`,
`no-hassle-amount`,
`employer-zip`,
`file`,
`ssn`
)
VALUES ('', '$date',
'{$_SESSION['interested']}',
'{$_SESSION['interested2']}',
'{$_SESSION['final']}',
'{$_SESSION['type']}',
'{$_SESSION['loan-type']}',
'{$_SESSION['other-loan-type']}',
'{$_SESSION['monthly-payment']}',
'{$_SESSION['loan-total']}',
'{$_SESSION['vehicle-submit']}',
'{$_SESSION['name']}',
'{$_SESSION['date-of-birth-month']}',
'{$_SESSION['date-of-birth-day']}',
'{$_SESSION['date-of-birth-year']}',
'{$_SESSION['street']}',
'{$_SESSION['city']}',
'{$_SESSION['state']}',
'{$_SESSION['zip']}',
'{$_SESSION['marital-status']}',
'{$_SESSION['personal-info-submit']}',
'{$_SESSION['occupation']}',
'{$_SESSION['salary']}',
'{$_SESSION['date-of-employment']}',
'{$_SESSION['employer-phone']}',
'{$_SESSION['employer-phone-2']}',
'{$_SESSION['employer-phone-3']}',
'{$_SESSION['employer-address']}',
'{$_SESSION['employer-city']}',
'{$_SESSION['employer-state']}',
'{$_SESSION['other-income']}',
'{$_SESSION['other-income-amount']}',
'{$_SESSION['income-submit']}',
'{$_SESSION['mortgage']}',
'{$_SESSION['creditor']}',
'{$_SESSION['creditor2']}',
'{$_SESSION['creditor3']}',
'{$_SESSION['alimony']}',
'{$_SESSION['orig-amount']}',
'{$_SESSION['orig-amount1']}',
'{$_SESSION['orig-amount2']}',
'{$_SESSION['orig-amount3']}',
'{$_SESSION['orig-amount4']}',
'{$_SESSION['pres-balance']}',
'{$_SESSION['pres-balance1']}',
'{$_SESSION['pres-balance2']}',
'{$_SESSION['pres-balance3']}',
'{$_SESSION['mo-amount']}',
'{$_SESSION['mo-amount1']}',
'{$_SESSION['mo-amount2']}',
'{$_SESSION['mo-amount3']}',
'{$_SESSION['debts-info-submit']}',
'{$_SESSION['reference-info-submit']}',
'{$_SESSION['areacode']}',
'{$_SESSION['middlethree']}',
'{$_SESSION['lastfour']}',
'{$_SESSION['email']}',
'{$_SESSION['accountnumber']}',
'{$_SESSION['month-of-employment']}',
'{$_SESSION['day-of-employment']}',
'{$_SESSION['year-of-employment']}',
'{$_SESSION['relative-name']}',
'{$_SESSION['relative-street']}',
'{$_SESSION['relative-city']}',
'{$_SESSION['relative-state']}',
'{$_SESSION['relative-zip']}',
'{$_SESSION['relative-phone1']}',
'{$_SESSION['relative-phone2']}',
'{$_SESSION['relative3']}',
'{$_SESSION['relative-email']}',
'{$_SESSION['relathionship']}',
'{$_SESSION['posted_data']}',
'{$_SESSION['personal-reason']}',
'{$_SESSION['personal-submit']}',
'{$_SESSION['total-amount']}',
'{$_SESSION['other-submit']}',
'{$_SESSION['additional-info']}',
'{$_SESSION['joint-info-submit']}',
'{$_SESSION['coname']}',
'{$_SESSION['codate-of-birth-month']}',
'{$_SESSION['codate-of-birth-day']}',
'{$_SESSION['codate-of-birth-year']}',
'{$_SESSION['costreet']}',
'{$_SESSION['cocity']}',
'{$_SESSION['costate']}',
'{$_SESSION['cozip']}',
'{$_SESSION['cophone']}',
'{$_SESSION['cophone2']}',
'{$_SESSION['cophone3']}',
'{$_SESSION['coemail']}',
'{$_SESSION['comarital-status']}',
'{$_SESSION['coaccount']}',
'{$_SESSION['cooccupation']}',
'{$_SESSION['cosalary']}',
'{$_SESSION['codate-of-employment-month']}',
'{$_SESSION['codate-of-employment-day']}',
'{$_SESSION['codate-of-employment-year']}',
'{$_SESSION['coemployer-phone']}',
'{$_SESSION['coemployer-phone-2']}',
'{$_SESSION['coemployer-phone-3']}',
'{$_SESSION['coemployer-address']}',
'{$_SESSION['coemployer-city']}',
'{$_SESSION['coemployer-state']}',
'{$_SESSION['coother-income']}',
'{$_SESSION['coother-income-amount']}',
'{$_SESSION['no-hassle-amount']}',
'{$_SESSION['employer-zip']}',
'{$_FILES["file"]["name"]}',
'{$encrypted}'
)";
I escape with this then store into session.
foreach ($_POST as $key => $value) {
$_POST[$key] = mysqli_real_escape_string($con, $value);
}
Put your values without quotes.
Instead of this:
'{$_SESSION['other-income-amount']}',
Use this:
$_SESSION['interested'], $_SESSION['other-income-amount'], ...
Your code will be like this:
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO application (ID, DATE, interested, intereseted2,
final,
type,
loan-type,
other-loan-type,
monthly-payment,
loan-total,
vehicle-submit,
name,
date-of-birth-month,
date-of-birth-day,
date-of-birth-year,
street,
city,
state,
zip,
marital-status,
personal-info-submit,
occupation,
salary,
date-of-employment,
employer-phone,
employer-phone2,
employer-phone3,
employer-address,
employer-city,
employer-state,
other-income,
other-income-amount,
income-submit,
mortgage,
creditor,
creditor2,
creditor3,
alimony,
orig-amount,
orig-amount1,
orig-amount2,
orig-amount3,
orig-amount4,
pres-balance,
pres-balance1,
pres-balance2,
pres-balance3,
mo-amount,
mo-amount1,
mo-amount2,
mo-amount3,
debts-info-submit,
reference-info-submit,
areacode,
middlethree,
lastfour,
email,
accountnumber,
month-of-employment,
day-of-employment,
year-of-employment,
relative-name,
relative-street,
relative-city,
relative-state,
relative-zip,
relative-phone1,
relative-phone2,
relative3,
relative-email,
relathionship,
posted_data,
personal-reason,
personal-submit,
total-amount,
other-submit,
additional-info,
joint-info-submit,
coname,
codate-of-birth-month,
codate-of-birth-day,
codate-of-birth-year,
costreet,
cocity,
costate,
cozip,
cophone,
cophone2,
cophone3,
coemail,
comarital-status,
coaccount,
cooccupation,
cosalary,
codate-of-employment-month,
codate-of-employment-day,
codate-of-employment-year,
coemployer-phone,
coemployer-phone-2,
coemployer-phone-3,
coemployer-address,
coemployer-city,
coemployer-state,
coother-income,
coother-income-amount,
no-hassle-amount,
employer-zip,
file,
ssn
)
VALUES ('', $date,
$_SESSION['interested'],
$_SESSION['interested2'],
$_SESSION['final'],
$_SESSION['type'],
$_SESSION['loan-type'],
$_SESSION['other-loan-type'],
$_SESSION['monthly-payment'],
$_SESSION['loan-total'],
$_SESSION['vehicle-submit'],
$_SESSION['name'],
$_SESSION['date-of-birth-month'],
$_SESSION['date-of-birth-day'],
$_SESSION['date-of-birth-year'],
$_SESSION['street'],
$_SESSION['city'],
$_SESSION['state'],
$_SESSION['zip'],
$_SESSION['marital-status'],
$_SESSION['personal-info-submit'],
$_SESSION['occupation'],
$_SESSION['salary'],
$_SESSION['date-of-employment'],
$_SESSION['employer-phone'],
$_SESSION['employer-phone-2'],
$_SESSION['employer-phone-3'],
$_SESSION['employer-address'],
$_SESSION['employer-city'],
$_SESSION['employer-state'],
$_SESSION['other-income'],
$_SESSION['other-income-amount'],
$_SESSION['income-submit'],
$_SESSION['mortgage'],
$_SESSION['creditor'],
$_SESSION['creditor2'],
$_SESSION['creditor3'],
$_SESSION['alimony'],
$_SESSION['orig-amount'],
$_SESSION['orig-amount1'],
$_SESSION['orig-amount2'],
$_SESSION['orig-amount3'],
$_SESSION['orig-amount4'],
$_SESSION['pres-balance'],
$_SESSION['pres-balance1'],
$_SESSION['pres-balance2'],
$_SESSION['pres-balance3'],
$_SESSION['mo-amount'],
$_SESSION['mo-amount1'],
$_SESSION['mo-amount2'],
$_SESSION['mo-amount3'],
$_SESSION['debts-info-submit'],
$_SESSION['reference-info-submit'],
$_SESSION['areacode'],
$_SESSION['middlethree'],
$_SESSION['lastfour'],
$_SESSION['email'],
$_SESSION['accountnumber'],
$_SESSION['month-of-employment'],
$_SESSION['day-of-employment'],
$_SESSION['year-of-employment'],
$_SESSION['relative-name'],
$_SESSION['relative-street'],
$_SESSION['relative-city'],
$_SESSION['relative-state'],
$_SESSION['relative-zip'],
$_SESSION['relative-phone1'],
$_SESSION['relative-phone2'],
$_SESSION['relative3'],
$_SESSION['relative-email'],
$_SESSION['relathionship'],
$_SESSION['posted_data'],
$_SESSION['personal-reason'],
$_SESSION['personal-submit'],
$_SESSION['total-amount'],
$_SESSION['other-submit'],
$_SESSION['additional-info'],
$_SESSION['joint-info-submit'],
$_SESSION['coname'],
$_SESSION['codate-of-birth-month'],
$_SESSION['codate-of-birth-day'],
$_SESSION['codate-of-birth-year'],
$_SESSION['costreet'],
$_SESSION['cocity'],
$_SESSION['costate'],
$_SESSION['cozip'],
$_SESSION['cophone'],
$_SESSION['cophone2'],
$_SESSION['cophone3'],
$_SESSION['coemail'],
$_SESSION['comarital-status'],
$_SESSION['coaccount'],
$_SESSION['cooccupation'],
$_SESSION['cosalary'],
$_SESSION['codate-of-employment-month'],
$_SESSION['codate-of-employment-day'],
$_SESSION['codate-of-employment-year'],
$_SESSION['coemployer-phone'],
$_SESSION['coemployer-phone-2'],
$_SESSION['coemployer-phone-3'],
$_SESSION['coemployer-address'],
$_SESSION['coemployer-city'],
$_SESSION['coemployer-state'],
$_SESSION['coother-income'],
$_SESSION['coother-income-amount'],
$_SESSION['no-hassle-amount'],
$_SESSION['employer-zip'],
$_FILES['file']['name'],
$encrypted
)";
Also study about sprintf in php would be very useful. Google it!
All the information you need is in error you are getting: You have an error in your SQL syntax; ... for the right syntax to use near '9 Sï¾')'
What this means is $_SESSION['other-income-amount'] contains the value 9 Sï¾').
This could be a character set issue. Usually this is the case when you see weird characters you aren't expecting. For example, someone might be entering 9 € but because the character sets may be incorrect, php ends up receiving it as '9 Sï¾')
Figure out how $_SESSION['other-income-amount'] gets the wrong value in it and fix that issue.
Related
my column name has parenthesis because of which when i call insert in php it gives error
$insert = "INSERT INTO state( state, sanction_percentage,
lt`(`1p`)`min, lt`(`1p`)`, lt`(`3p`)`min, lt`(`3p`)`, ht`(`415`)`min,
ht`(`415`)`, ht`(`11`)`min, ht`(`11`)`, tarrif, per_day_gen,
generation_limit ) VALUES('$state', '$sanction_percentage', '$lt1p_m',
'$lt1p', '$lt3p_m', '$lt3p', '$ht415_m', '$ht415', '$ht11_m', '$ht11',
'$tarrif', '$per_day_gen', '$generation_limit' )";
I have used escape on parenthesis but it gives error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '`(`1p`)`min, lt`(`1p`)`, lt`(`3p`)`min, lt`(`3p`)`, ht`(`415`)`min, ht`(`415`)`,'
You should escape your query column names using `
So you need to have something like this if column name is like: lt(1p)min
$insert = "INSERT INTO state( state, sanction_percentage, `lt(1p)min`, `lt(1p)`, `lt(3p)min`, `lt(3p)`, `ht(415)min`, `ht(415)`, `ht(11)min`, `ht(11)`, tarrif, per_day_gen, generation_limit ) VALUES('$state', '$sanction_percentage', '$lt1p_m', '$lt1p', '$lt3p_m', '$lt3p', '$ht415_m', '$ht415', '$ht11_m', '$ht11', '$tarrif', '$per_day_gen', '$generation_limit' )";
Send form values to db error
When I try to send data from an html form to a database using php, I keep getting error unexpected ; in line 6. I cant seem to find the exact cause.
This is the code of send.php:
<?php
//Connecting to sql db.
$connect = mysqli_connect("host","user","password","database");
//Sending form data to sql db.
mysqli_query($connect,"INSERT INTO sw5_green (firstname_r, lastname_r, vid, occupation, address, firstname_s, lastname_s, country, amount, currency)
VALUES ('$_POST[post_firstname_r]', '$_POST[post_lastname_r]', '$_POST[post_vid]', '$_POST[post_occupation]', '$_POST[post_address]', '$_POST[post_firstname_s]', '$_POST[post_lastname_s]', '$_POST[post_country]', '$_POST[post_amount]', '$_POST[post_currency]')";
?>
You are missing ) at the end of the statement. put ) this before last ;.
Try it,
mysqli_query($connect,"INSERT INTO sw5_green (firstname_r, lastname_r, vid, occupation, address, firstname_s, lastname_s, country, amount, currency)
VALUES ('$_POST[post_firstname_r]', '$_POST[post_lastname_r]', '$_POST[post_vid]', '$_POST[post_occupation]', '$_POST[post_address]', '$_POST[post_firstname_s]', '$_POST[post_lastname_s]', '$_POST[post_country]', '$_POST[post_amount]', '$_POST[post_currency]')");
You are missing )
Replace your code with query with this
mysqli_query($connect,"INSERT INTO sw5_green (firstname_r, lastname_r, vid, occupation, address, firstname_s, lastname_s, country, amount, currency)
VALUES ('$_POST[post_firstname_r]', '$_POST[post_lastname_r]', '$_POST[post_vid]', '$_POST[post_occupation]', '$_POST[post_address]', '$_POST[post_firstname_s]', '$_POST[post_lastname_s]', '$_POST[post_country]', '$_POST[post_amount]', '$_POST[post_currency]'))";
wrong syntax '$_POST[post_firstname_r]' should be $_POST['post_firstname_r'] Always escape your data before saving.
PHP - Column count doesn't match value count.
hello this my code.
print_r($_POST);
foreach ($_POST as $key => $value){
echo $$key = $value;
}
echo $dpopName1= json_encode($_POST['dpopName']);
echo $dpopPosition1= json_encode($_POST['dpopPosition']);
echo $dpopLocation1= json_encode($_POST['dpopLocation']);
if($sub_cat=='all') {
$sub_cat='';
}
//$sql = mysql_query("INSERT INTO venders(vender_name, contact_personName,category, subcategory,email,contact_no,address,city,state,pin_code) VALUES ('$vendor_name', '$cont_personName','$cat_type','$sub_cat','$vendor_email', '$contact_no','$vendor_address','$state','$city','$vendor_pin')") or die(mysql_error());
$insertQuery=mysql_query("INSERT IGNORE INTO `venders`(`vender_name`, `vendor_ddNo`, `vendor_ddDate`, `vendor_regid`, `dateCorp`, `contact_personName`, `category`, `subcategory`, `email`, `contact_no`, `fax_no`, `website`, `address`, `city`, `taluka`, `state`, `pin_code`, `vendor_Baddress`, `Bstate`, `Bcity`, `Bvendor_pin`, `Btaluka`, `Bcontact_no`, `Bfax_no`, `Bvendor_email`, `Bwebsite`, `govtUndertake`, `stateUndertake`, `publiclCompany`, `privatelCompany`, `copSociaty`, `partnerFirm`, `propritorship`, `anyOtherspecify`, `dpopName`, `dpopPosition`, `dpopLocation`, `panDetails`, `panRequireFor`, `serviceTaxregDetails`, `serviceTaxrequiredFor`, `pfRegisterDetails`, `pfRequireFor`, `excDutyreg`, `excRequireFor`, `labourLicensedetails`, `licencePanrequireFor`, `stvRegNo`, `stvRequireFor`, `stvregDateDetails`, `stvregDateRequiredFor`, `orgStrngth`, `NameofCompany`, `NameofBank`,
`nameOfbankBranch`, `cityofMB`, `accountNo`, `accountType`, `bankBranchIfsccode`, `micodeofBankbranch`, `otherBankerDetails`)
VALUES ('$vendor_name','$vendor_ddNo','$vendor_ddDate','$vendor_id','$dateCorp','$cont_personName','$vendor_address', '$cat_type','$sub_cat','$vendor_email','$contact_no','$fax_no','$website','$vendor_address','$city','$taluka','$state','$vendor_pin', '$vendor_Baddress','$Bstate','$Bcity','$Bvendor_pin','$Btaluka','$Bcontact_no','$Bfax_no','$Bvendor_email','$Bwebsite','$govtUndertake', '$stateUndertake', '$publiclCompany', '$privatelCompany', '$copSociaty', '$partnerFirm', '$propritorship', '$anyOtherspecify', '$dpopName1', '$dpopPosition1', '$dpopLocation1','$panDetails', '$panRequireFor', '$serviceTaxregDetails', '$serviceTaxrequiredFor', '$pfRegisterDetails', '$pfRequireFor', '$excDutyreg', '$excRequireFor', '$labourLicensedetails', '$licencePanrequireFor', '$stvRegNo',
'$stvRequireFor', '$stvregDateDetails', '$stvregDateRequiredFor', '$orgStrngth', '$NameofCompany', '$NameofBank', '$nameOfbankBranch', '$cityofMB', '$accountNo', '$accountType', '$bankBranchIfsccode', '$micrCodeofBankbranch', '$otherBankerDetails'
)") or die(mysql_error());
Array to string conversion error
Column count doesn't match value count at row 1.
I tried following to solve the prooblem:
for solving 1st error i use json encode to convert the array into json string then i place the json string variable into insert table.
for column count error i checked wheather my database id has a primary key or not and it has a primary key then also i count all the value and column and also i cross check all the syntax but i found nothing.
A better way... to insert, when you're inserting alot of columns is... to use INSERT INTO SET, because then you have a better idea of which columns are missing.. than meticulously going through your mapped INSERT, and checking whether you have every column to every value. INSERT INTO sometable SET field1 = 'value1', field2 = 'value2', field3 = 'value3' (Milov, 2004). It also helps, to escape every single value that you are inserting (But keep in mind... it is recommended to use PDO over MySQL Real Escape).
If any of your variables would contain a ' that would destroy your query.
Sure it would be best to use DBO, but since I guess you are trying to implement something here into existing code, you should try to debug this more:
print_r($_POST);
foreach ($_POST as $key => $value){
echo $$key = mysql_real_escape_string($value);
}
echo $dpopName1= mysql_real_escape_string(json_encode($_POST['dpopName']));
echo $dpopPosition1= mysql_real_escape_string(json_encode($_POST['dpopPosition']));
echo $dpopLocation1= mysql_real_escape_string(json_encode($_POST['dpopLocation']));
debug with:
$query="INSERT IGNORE INTO `venders`(`vender_name`, `vendor_ddNo`, `vendor_ddDate`, `vendor_regid`, `dateCorp`, `contact_personName`, `category`, `subcategory`, `email`, `contact_no`, `fax_no`, `website`, `address`, `city`, `taluka`, `state`, `pin_code`, `vendor_Baddress`, `Bstate`, `Bcity`, `Bvendor_pin`, `Btaluka`, `Bcontact_no`, `Bfax_no`, `Bvendor_email`, `Bwebsite`, `govtUndertake`, `stateUndertake`, `publiclCompany`, `privatelCompany`, `copSociaty`, `partnerFirm`, `propritorship`, `anyOtherspecify`, `dpopName`, `dpopPosition`, `dpopLocation`, `panDetails`, `panRequireFor`, `serviceTaxregDetails`, `serviceTaxrequiredFor`, `pfRegisterDetails`, `pfRequireFor`, `excDutyreg`, `excRequireFor`, `labourLicensedetails`, `licencePanrequireFor`, `stvRegNo`, `stvRequireFor`, `stvregDateDetails`, `stvregDateRequiredFor`, `orgStrngth`, `NameofCompany`, `NameofBank`, `nameOfbankBranch`, `cityofMB`, `accountNo`, `accountType`, `bankBranchIfsccode`, `micrCodeofBankbranch`, `otherBankerDetails`) VALUES ('$vendor_name','$vendor_ddNo','$vendor_ddDate','$vendor_id','$dateCorp','$cont_personName','$vendor_address', '$cat_type','$sub_cat','$vendor_email','$contact_no','$fax_no','$website','$vendor_address','$city','$taluka','$state','$vendor_pin', '$vendor_Baddress','$Bstate','$Bcity','$Bvendor_pin','$Btaluka','$Bcontact_no','$Bfax_no','$Bvendor_email','$Bwebsite','$govtUndertake', '$stateUndertake', '$publiclCompany', '$privatelCompany', '$copSociaty', '$partnerFirm', '$propritorship', '$anyOtherspecify', '$dpopName1', '$dpopPosition1', '$dpopLocation1','$panDetails', '$panRequireFor', '$serviceTaxregDetails', '$serviceTaxrequiredFor', '$pfRegisterDetails', '$pfRequireFor', '$excDutyreg', '$excRequireFor', '$labourLicensedetails', '$licencePanrequireFor', '$stvRegNo', '$stvRequireFor', '$stvregDateDetails', '$stvregDateRequiredFor', '$orgStrngth', '$NameofCompany', '$NameofBank', '$nameOfbankBranch', '$cityofMB', '$accountNo', '$accountType', '$bankBranchIfsccode', '$micrCodeofBankbranch', '$otherBankerDetails')";
if (!$insertQuery=mysql_query($query)){
echo $query;
die(mysql_error());
}
I notice this small mistake: You use ` instead of ' which is totally wrong.
How to properly INSERT INTO MySQL Using PHP Variables
I'm having a problem with my personal server where I'm trying to create a database for the decade old binders I have for the Yu-Gi-Oh! Trading Card Game (haven't played in years). In testing the INSERT INTO, I keep running across a particular problem...
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''Magic'(Name, Description, Card_ID, Pack, P_ID, Quantity) VALUES ('Post', 'Post ' at line 1
Now my code outputs properly when I comment out the query function and echo to my webpage, but I keep getting the above mysql_error() message being displayed.
My code snippet is as follows...
if(isset($_SESSION['username'])) {
mysql_connect("localhost", "my_username", "my_password") or die(mysql_error());
mysql_select_db("my_db") or die(mysql_error());
function clean_string($value) {
if(get_magic_quotes_gpc() ) {
$value = stripslashes($value);
}
return mysql_real_escape_string($value);
}
$Show = clean_string($_POST['show']);
$Table = clean_string($_POST['table']);
$Insert_M_T = $_POST['insert_magic_traps'];
$Insert_Monster = $_POST['insert_monster_effect'];
$Insert_Card_Type = clean_string($_POST['I_Type']);
$Insert_Card_Name = clean_string($_POST['I_Card_Name']);
$Insert_Description = clean_string($_POST['I_C_Description']);
$Insert_Card_ID = clean_string($_POST['I_Card_ID']);
$Insert_CardPack = clean_string($_POST['I_C_Pack']);
$Insert_PackID = clean_string($_POST['I_C_P_ID']);
$Insert_Quantity = clean_string($_POST['I_C_Quantity']);
if(isset($Insert_M_T)) {
$sql = "INSERT INTO '$Insert_Card_Type'(Name, Description, Card_ID, Pack, P_ID, Quantity) VALUES ('$Insert_Card_Name', '$Insert_Description', '$Insert_Card_ID', '$Insert_CardPack', '$Insert_PackID', '$Insert_Quantity')";
mysql_query($sql) or die(mysql_error());
echo "<center><h2>Record added to Table: $Insert_Card_Type</h2></center>";
echo "<center><table><tr><th>Name:</th><td>$Insert_Card_Name</td></tr><tr><th>Description:</th><td>$Insert_Description</td></tr><tr><th>Card ID:</th><td>$Insert_Card_ID</td></tr><tr><th>Pack:</th><td>$Insert_CardPack</td></tr><tr><th>Pack ID Number</th><td>$Insert_PackID</td></tr><tr><th>Quantity:</th><td>$Insert_Quantity</td></tr></table></center>";
}
?>
//more html and php code
<?php
} else {
echo "<h1><center><font color=#ff0000 >ACCESS DENIED!!!</font></center></h1>";
echo "<h2><center><a href=index.php >Login Here!</a></center></h2>";
}
?>
Any advice would be helpful. I've tried searching for how to get around this problem, but to no avail. I feel like this is a simple fix, but I'm missing it. Please advise.
Thank you in advance.
~DanceLink
INSERT INTO `$Insert_Card_Type` (Name, Description, Card_ID, Pack, P_ID, Quantity)
VALUES ('$Insert_Card_Name', '$Insert_Description', '$Insert_Card_ID', '$Insert_CardPack', '$Insert_PackID', '$Insert_Quantity')
Backticks around $Insert_Card_Type, not single quotes.
Issue with Inserting a record into a MySql database
I am having an issue with a simple form uploading script.
On this upload script I built to upload data to a MySql database, I can't seem to get the record to insert into the database when I include this one variable.
I figured that perhaps I am overlooking some minor coding issue, and I'm working on a deadline to get this system live...
Here is the code snippit that is giving me issues.
$title=$_REQUEST['title'];
$author=$_REQUEST['author'];
$hours=$_REQUEST['hours'];
$start_d=$_REQUEST['start_d'];
$start_m=$_REQUEST['start_m'];
$start_y=$_REQUEST['start_y'];
$end_d=$_REQUEST['end_d'];
$end_m=$_REQUEST['end_m'];
$end_y=$_REQUEST['end_y'];
$certificate=$_REQUEST['certificate'];
$required=$_REQUEST['required'];
$assessment=$_REQUEST['assessment'];
$describe=$_REQUEST['description'];
$query=mysql_query("INSERT INTO `records` (title, hours, start_date_d, start_date_m, start_date_y , end_date_d, end_date_m, end_date_y , certificate, requirement, author, approved, assessment, describe) VALUES ('$title', '$hours', '$start_d', '$start_m', '$start_y', '$end_d', '$end_m', '$end_y', '$certificate', '$required', '$author', '0', '$assessment', '$describe')");
mysql_close();
The variable that is giving me issues is the one denoted as '$describe'.
My previous testing has indicated:
The form script is collecting data correctly
The form script is passing the data to the upload script correctly via method='post'
The database connection information is correct
All of the field names in the mysql query are typed correctly
Thank you in advance for your help.
Update:
echo mysql_error(); => "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' assessment, describe) VALUES' at line 1
this awful code should be totally rewritten.
but to solve this very problem
foreach ($_REQUEST as $key => $value) $_REQUEST[$key] = mysql_real_escape_string($value);
Something like this.
Note that i've changed date fields to date format.
$_POST['start_date'] = $_POST['start_y'].'-'.$_POST['start_m'].'-'.$_POST['start_d'];
$_POST['end_date'] = $_POST['end_y'].'-'.$_POST['end_m'].'-'.$_POST['end_d'];
$_POST['approved'] = 0;
$fields = explode(" ","title author hours start_date end_date certificate required assessment describe");
$query = "INSERT INTO `records` SET ".dbSet($fields);
mysql_query($query) or trigger_error(mysql_error().$query);
function dbSet($fields) {
$q='';
foreach ($fields as $v) $q.="`$v`='".mysql_real_escape_string($_POST[$v])."', ";
return trim($q,", ");
}
Try this:
$query="INSERT INTO `records` (title, hours, start_date_d, start_date_m, start_date_y , end_date_d, end_date_m, end_date_y , certificate, requirement, author, approved, assessment, describe) VALUES ('$title', '$hours', '$start_d', '$start_m', '$start_y', '$end_d', '$end_m', '$end_y', '$certificate', '$required', '$author', '0', '$assessment', '$describe')";
var_dump($query);
And post to us :)
It turns out that "Describe" is a reserved word in MySql. I changed the field name, and now my script works...