Error in sql syntax

Codes here !

Moderators: egami, macek, gesf

Post Reply
iam4423
New php-forum User
New php-forum User
Posts: 50
Joined: Fri Jan 20, 2012 8:00 am

Wed Dec 11, 2013 8:36 am

your problem is that you are double quoting the values in the query and in the check_input() function

either change your query to

Code: Select all

INSERT INTO spikes (type, brand, gender, size, hand, new, price, description, imgname, date, name, userid, phone)
   VALUES($type, $brand, $gender, 
               $size, $hand, $isNew, 
               $price, $desc, $imgname, 
               $date, $name, $userid, 
               $phone)";
or your function to

Code: Select all

function check_input($value)
{
   // Stripslashes
   if (get_magic_quotes_gpc())
      $value = stripslashes($value);

   // Quote if not a number
   if (!is_numeric($value))
      $value =  mysql_real_escape_string($value);

   return $value;
}

Post Reply