why is this script not working

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
balamberas
Forum Newbie
Posts: 10
Joined: Fri Mar 06, 2009 12:36 pm

why is this script not working

Post by balamberas »

Hi, i have another html form that inserts data fine to the same server. Can you see anything wrong with this script. i get this error msg
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'when, venue, address, postCode, description,image, image1, image2, image3, image' at line 1"

Code: Select all

<?php

include("connect.php");


if (isset($_POST['submit'])){
 }

mysql_query ("INSERT INTO parties (type, night, when, venue, address, postCode, description,image, image1, image2, image3, image4, contactEmail, number, email, password, conpass)
  VALUES 
  ('$_POST[type]','$_POST[night]','$_POST[when]', '$_POST[venue]','$_POST[address]', '$_POST[postCode]', '$_POST[description]', '$_POST[image]', '$_POST[image1]', 
 '$_POST[image2]', '$_POST[image3]', '$_POST[image4]','$_POST[contactEmail]','$_POST[number]','$_POST[email]','$_POST[password]','$_POST[confirmPassword]' )")
or die(mysql_error());

echo "Data inserted!";

?> 
jraede
Forum Contributor
Posts: 254
Joined: Tue Feb 16, 2010 5:39 pm

Re: why is this script not working

Post by jraede »

Try wrapping each column name with backticks (`). E.g. `type`, `night`, `date`, etc.
User avatar
BKiddo
Forum Newbie
Posts: 6
Joined: Tue May 04, 2010 4:00 pm
Location: UK

Re: why is this script not working

Post by BKiddo »

Also you have your second brace } in the wrong place. It needs to go at the end of your code.
jraede
Forum Contributor
Posts: 254
Joined: Tue Feb 16, 2010 5:39 pm

Re: why is this script not working

Post by jraede »

Right, missed that. That code's going to execute regardless of whether $_POST['submit'] is set or not.

Additionally, you should be escaping all that data to prevent mysql injections.
Post Reply