Error code 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SQLstring' at line 1
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Register</title>
<link href="php_styles.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Registration</h1>
<?php
if (empty($_GET['first_name']) || empty($_GET['last_name']) ||
empty($_GET['phone']) || empty($_GET['address']) ||
empty($_GET['city']) || empty($_GET['state']) ||
empty($_GET['zip']) || empty($_GET['email']))
exit("<p>You must enter values in all fields of the New Diver Registration form! Click your browswer's Back button to return to the previous page.</p>");
$DBConnect = @mysqli_connect("localhost", "test", "test")
Or die("<p>Unable to connect to the database server.</p>"
. "<p>Error code " . mysqli_connect_errno()
. ": " . mysqli_connect_error()) . "</p>";
$DBName = "scuba_school";
if (!@mysqli_select_db($DBConnect, $DBName)) {
$SQLstring = "CREATE DATABASE $DBName";
$QueryResult = @mysqli_query($DBConnect, SQLstring)
Or die("<p>Unable to execute the query</p>"
. "<p>Error code " . mysqli_errno($DBConnect)
. ": " . mysqli_error($DBConnect)) . "</p>";
echo "<p>Successfully created the database.</p>";
mysqli_select_db($DBConnect, $DBName);
$TableName = "divers";
$SQLstring = "SELECT * FROM $TableName";
$QueryResult = @mysqli_query($DBConnect, $SQLstring);
if (!$QueryResult) {
$SQLstring = "CREATE TABLE divers (diverID SMALLINT NOT NULL AUTO_INCREMENT PRIMARY KEY, First VARCHAR(40), Last VARCHAR(40),
Phone VARCHAR(40), Address VARCHAR(40), City VARCHAR(40), State VARCHAR(2), Zip VARCHAR(10))";
$QueryResult = @mysqli_query($DBConnect, $SQLstring)
Or die("<p>Unable to create the divers table.</p>"
. "<p>Error code " . mysqli_errno($DBConnect)
. ": " . mysqli_error($DBConnect)) . "</p>";
echo "<p>Successfully created the divers table.</p>";
}
}
$First = addslashes($_GET['first_name']);
$Last = addslashes($_GET['last_name']);
$Phone = addslashes($_GET['phone']);
$Address = addslashes($_GET['address']);
$City = addslashes($_GET['city']);
$State = addslashes($_GET['state']);
$Zip = addslashes($_GET['zip']);
$Email = addslashes($_GET['email']);
$SQLstring = "INSERT INTO divers VALUES(NULL, '$First', '$Last', '$Phone', '$Address', '$City', '$State', '$Zip')";
$QueryResult = @mysqli_query($DBConnect, $SQLstring)
Or die("<p>Unable to execute the query.</p>"
. "<p>Error code " . mysqli_errno($DBConnect)
. ": " . mysqli_error($DBConnect)) . "</p>";
$DiverID = mysqli_insert_id($DBConnect);
mysqli_close($DBConnect);
?>
<p>Thanks <?= $First ?>! Your new diver ID is <strong><?= $DiverID ?></strong>.</p>
<form action="CourseListings.php" method="get">
<p><input type="submit" value="Register for Classes" />
<input type="hidden" name="diverID" value="<?= $DiverID ?>" /></p>
</form>
</body>
</html>