Error in sql syntax

[iam4423]

your problem is that you are double quoting the values in the query and in the check_input() function

either change your query to

Code: Select all

INSERT INTO spikes (type, brand, gender, size, hand, new, price, description, imgname, date, name, userid, phone)
   VALUES($type, $brand, $gender, 
               $size, $hand, $isNew, 
               $price, $desc, $imgname, 
               $date, $name, $userid, 
               $phone)";

or your function to

Code: Select all

function check_input($value)
{
   // Stripslashes
   if (get_magic_quotes_gpc())
      $value = stripslashes($value);

   // Quote if not a number
   if (!is_numeric($value))
      $value =  mysql_real_escape_string($value);

   return $value;
}