Form Help
Posted: Tue Oct 06, 2009 10:41 am
Here is the form:
Here is the sql connection:
And here is the error I'm getting:

Code: Select all
<?
include("../include/session.php");
?>
<?php
if ($submit) {
$sql = "UPDATE productimages SET
title='".$_POST['title']."',
upjpg='".$_POST['upjpg']."',
uptiff='".$_POST['uptiff']."',
uppng='".$_POST['uppng']."',
chungshi='".$_POST['chungshi']."',
stretchwalker='".$_POST['stretch_walker']."',
akaishi='".$_POST['akaishi']."',
bellamargiano='".$_POST['bellamargiano']."',
mbt='".$_POST['mbt']."',
upthumb='".$_POST['upthumb']."'
where id ='".mysql_real_escape_string($_POST['id'])."'";
$result = mysql_query($sql) or die(mysql_error());
print("Product Added");
} else {
$result = mysql_query("SELECT * FROM productimages WHERE id = '$id'");
while ($row=mysql_fetch_array($result)) {
$id = $row[id];
$uptiff = $row[uptiff];
$upjpg = $row[upjpg];
$uppng = $row[uppng];
$chungshi = $row[chungshi];
$stretchwalker = $row[stretchwalker];
$akaishi = $row[akaishi];
$bellamargiano = $row[bellamargiano];
$mbt = $row[mbt];
$upthumb = $row[upthumb];
}
print ("
<form method=post action=productimages2.php>
Product Title:<br>
<input type=text name=title size=60><br><br>
Choose Categories that this story is relevant to:<br>
<input type=checkbox name=chungshi value=1> Chung Shi<br>
<input type=checkbox name=stretchwalker value=1> Stretchwalker<br>
<input type=checkbox name=akaishi value=1> Akaishi<br>
<input type=checkbox name=bellamargiano value=1> Bellamargiano<br>
<input type=checkbox name=mbt value=1> MBT<br><br>
<table width=500 cellpadding=0 cellspacing=0>
<tr><td colspan=2 class=top><strong>Images</strong></td></tr>
<tr><td>Upload JPG</td><td><br><input type=file name=upjpg></td></tr>
<tr><td colspan=2 class=top> </td></tr>
<tr><td>Upload TIFF</td><td><br><input type=file name=uptiff> </td></tr>
<tr><td colspan=2 class=top> </td></tr>
<tr><td>Upload PNG</td><td><br><input type=file name=uppng> </td></tr>
<tr><td colspan=2 class=top> </td></tr>
<tr><td>Upload Thumbnail</td><td><br><input type=file name=upthumb> </td></tr>
</table>
<br>
<input type=submit name=submit value=submit><br>
<br>
</form>
");
}
?>Code: Select all
<?php
$con = mysql_connect("localhost", "user", "pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database", $con);
$sql = "insert into productimages ('".mysql_real_escape_string($_POST['title'])."', '".mysql_real_escape_string($_POST['chungshi'])."', '".mysql_real_escape_string($_POST['stretchwalker'])."', '".mysql_real_escape_string($_POST['akaishi'])."', '".mysql_real_escape_string($_POST['bellamargiano'])."', '".mysql_real_escape_string($_POST['mbt'])."', '".mysql_real_escape_string($_POST['upjpg'])."', '".mysql_real_escape_string($_POST['uptiff'])."', '".mysql_real_escape_string($_POST['uppng'])."', '".mysql_real_escape_string($_POST['upthumb'])."')";
mysql_query($sql) or die(mysql_error()." <br /> $sql");
echo "The following information was entered into the database<br><br><br>";
echo "<b>Title:</b> $_POST[title]<br>";
echo "Thanks for taking the time to submit your information.";
mysql_close($con);
?>Thanks for any help you can provide.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''asdfasdf', '', '', '', '1', '', '', '', '', '')' at line 1
insert into productimages ('asdfasdf', '', '', '', '1', '', '', '', '', '')