Board index   FAQ   Search  
Register  Login
Board index php forum :: Database mySQL & php coding

Error in sql syntax

Codes here !

Moderators: macek, egami, gesf

Error in sql syntax

Postby tnrh1 » Wed Oct 30, 2013 7:09 am

That's the error I get:
Error3: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'sprint spikes'', ''Nike'', '' at line 2

For the following code:
Code: Select all
function post($type, $brand, $gender, $size, $hand, $isNew, $price, $desc, $imgname, $name, $userid, $phone)
{
   $con=connect();
   if (!$con)
      die('Could not connect: ' . mysql_error());
   // Check connection
   $type       = check_input   ($type);
   $brand   = check_input   ($brand);
   $gender  = check_input   ($gender);
   $size      = check_input   ($size);
   $hand     = check_input   ($hand);
   $price     = check_input   ($price);
   $desc     = check_input   ($desc);
   $imgname = check_input   ($name);
   $userid  = check_input   ($usid);
   $name     = check_input   ($name);
   $phone     = check_input   ($phone);
   
   $date = date("Y/m/d");
   $sql="INSERT INTO spikes (type, brand, gender, size, hand, new, price, description, imgname, date, name, userid, phone)
   VALUES('$type', '$brand', '$gender',
               '$size', '$hand', '$isNew',
               '$price', '$desc', '$imgname',
               '$date', '$name', '$userid',
               '$phone')";

   if (!mysql_query($sql,$con)){
      die('Error3: ' . mysql_error($con));
   }
   
   mysql_close($con);
}

Code: Select all
function check_input($value)
{
   // Stripslashes
   if (get_magic_quotes_gpc())
      $value = stripslashes($value);

   // Quote if not a number
   if (!is_numeric($value))
      $value = "'" . mysql_real_escape_string($value) . "'";

   return $value;
}


I really don't understand what I'm doing wrong..
tnrh1
New php-forum User
New php-forum User
 
Posts: 4
Joined: Wed Jun 12, 2013 6:52 am

Re: Error in sql syntax

Postby iam4423 » Wed Dec 11, 2013 8:36 am

your problem is that you are double quoting the values in the query and in the check_input() function

either change your query to
Code: Select all
INSERT INTO spikes (type, brand, gender, size, hand, new, price, description, imgname, date, name, userid, phone)
   VALUES($type, $brand, $gender,
               $size, $hand, $isNew,
               $price, $desc, $imgname,
               $date, $name, $userid,
               $phone)";


or your function to

Code: Select all
function check_input($value)
{
   // Stripslashes
   if (get_magic_quotes_gpc())
      $value = stripslashes($value);

   // Quote if not a number
   if (!is_numeric($value))
      $value =  mysql_real_escape_string($value);

   return $value;
}
iam4423
New php-forum User
New php-forum User
 
Posts: 50
Joined: Fri Jan 20, 2012 8:00 am


Return to mySQL & php coding

Who is online

Users browsing this forum: Google [Bot] and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.