simple question

Posted: Sun Apr 28, 2013 12:16 am
by jumpman8947
Hey, I'm trying to create a quick sample database. I'm trying to use a form from an HTML page, then for it to go to a PHP page and also get imported into my MySQL database. Here is my HTML code:

Code:

  <form method="post" action="Draft.php">
        	<h2>Player Information</h2>
            
            <div><label>Round:</label>
            	<input type="number" name="Round"
                id="Round"> </div>
            
            <div><label>Last Name:</label>
            	<input type="text" name="LastName"
                id="LastName"> </div>
            
            <div><label>First Name:</label>
            	<input type="text" name="FirstName"
                id="FirstName"> </div>
                
            <div><label>College:</label>
            	<input type="text" name="College" 
                id="College"> </div>
                
            <div><label>Position:</label>
            	<input type="text" name="Position"
                id="Position"> </div>
            
            <div><label>Height:</label>
            	<input type="text" name="Height"
                	placeholder="6'0" id="Height"></div>
                
            <div><label>Weight:</label>
            	<input type="number" name="Weight" id="Weight"></div>
                
            <div><label>40-Yard Dash</label>
            	<input type="number" name="Dash"
                	placeholder="4.44" id="Dash"></div><br>
            <div><label>Bench Press</label>
            	<input type="number" name="Bench" id="Bench"></div>
            </div>
            
            <p><input type="submit" name="submit" value="Register"></p>
           </form>
         </body>
 </html>
And my PHP code:

Code:

<?php
$Round = isset($_POST[ "Round" ]) ? $_POST[ "Round" ] : "";
$LastName = isset($_POST[ "LastName" ]) ? $_POST[ "LastName" ] : "";
$FirstName = isset($_POST[ "FirstName" ]) ? $_POST[ "FirstName" ] : "";
$College = isset($_POST[ "College" ]) ? $_POST[ "College" ] : "";
$Position = isset($_POST[ "Position" ]) ? $_POST[ "Position" ] : "";
$Height = isset($_POST[ "Height" ]) ? $_POST[ "Height" ] : "";
$Weight = isset($_POST[ "Weight" ]) ? $_POST[ "Weight" ] : "";
$Dash = isset($_POST[ "Dash" ]) ? $_POST[ "Dash" ] : "";
$Bench = isset($_POST[ "Bench" ]) ? $_POST[ "Bench" ] : "";

$query = "INSERT INTO playerindex " .
    "( Round, LastName, FirstName, College, Position, Height, Weight, Dash, Bench ) ".
    "VALUES ( '$Round', '$LastName', '$FirstName', '$College', '$Position', '$Height', '$Weight', '$Dash', '$Bench' )";

if ( !($database = mysql_connect("localhost",
    "******", "********")))
    die( "<p>Could not connect to database</p></body></html>");

if ( !mysql_select_db( "giants2013draft", $database ) )
    die( "<p>Could not open Giants 2013 Draft database</p>
        </body></html>");

if ( !( $result = mysql_query( $query, $database ) ) )
{
    print( "<p>Could not execute query!</p>");
    die( mysql_error() . "</body></html>" );
}
mysql_close( $database );
?>
The error I keep encountering is that after I input my information on the form page, this shows up: "Could not execute query!
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '6', '205', '555', '7' )' at line 1"
I can't figure out why I'm getting this error.

Re: simple question

Posted: Sun Apr 28, 2013 9:42 am
by mecha_godzilla
Hi,

Have you tried echo()ing the query string to your browser to see what it looks like after all the dynamic values have been inserted into it? The query itself looks correct, so you need to make sure that the values you're using in the query don't need to be escaped with mysql_real_escape_string() or similar.

HTH,

Mecha Godzilla

Re: simple question

Posted: Sun Apr 28, 2013 11:35 am
by jumpman8947
Thanks for the help. I was putting ' in the height category without escaping the string.
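
The failure diagnosed in this thread, reproduced and then fixed with a prepared statement, as an added example that is not part of any post above. It uses PDO with an in-memory SQLite database as a stand-in for the MySQL server (an assumption, so that it runs offline), and the submitted values are constructed.

```php
<?php
// Added example, not the poster's code. SQLite in memory stands in for the
// MySQL server so the script runs offline; the table mirrors the thread's columns.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE playerindex (Round INTEGER, LastName TEXT, FirstName TEXT,
    College TEXT, Position TEXT, Height TEXT, Weight INTEGER, Dash REAL, Bench INTEGER)');

// Fixed column list: identifiers never come from the request.
$columns = ['Round', 'LastName', 'FirstName', 'College', 'Position',
            'Height', 'Weight', 'Dash', 'Bench'];

// Constructed sample submission (stands in for $_POST).
$post = ['Round' => '1', 'LastName' => 'Doe', 'FirstName' => 'John',
         'College' => 'Example State', 'Position' => 'WR', 'Height' => "6'0",
         'Weight' => '205', 'Dash' => '4.44', 'Bench' => '7'];

// Pick only the expected fields, defaulting to '' as the original script does.
$values = [];
foreach ($columns as $c) {
    $values[$c] = isset($post[$c]) ? (string) $post[$c] : '';
}
$columnList = implode(', ', $columns);

// 1) The thread's approach: values interpolated into the SQL text.
$concatenated = "INSERT INTO playerindex ($columnList) VALUES ('"
    . implode("', '", $values) . "')";
echo $concatenated, PHP_EOL;
try {
    $pdo->exec($concatenated);
    echo 'concatenated: inserted', PHP_EOL;
} catch (PDOException $e) {
    // The quote in 6'0 closes the string literal early, so parsing fails.
    echo 'concatenated: ', $e->getMessage(), PHP_EOL;
}

// 2) Prepared statement: fixed SQL text, values sent as bound parameters.
$placeholders = ':' . implode(', :', $columns);
$stmt = $pdo->prepare("INSERT INTO playerindex ($columnList) VALUES ($placeholders)");
$stmt->execute($values);

$stored = $pdo->query('SELECT Height FROM playerindex')->fetchColumn();
echo 'prepared: stored Height = ', $stored, PHP_EOL;
```

Because the bound values never become part of the SQL text, the same statement handles any quote characters in the form fields without per-field escaping.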