the bad syntax and implode warning blues

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

the bad syntax and implode warning blues

Post by Obadiah »

hey guys,
im still on the registration part of my form and im getting towards what seems to be the end of my project and i get these 2 errors


Warning: implode() [function.implode]: Bad arguments. on line 132

Warning: implode() [function.implode]: Bad arguments. on line 133
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'create_date,password) VALUES ("","2006-08-15",md5('Register'))' at line 1


the only thing that line 132, and 133 contains is

Code: Select all

$fields_str = implode(",",$fields); 
      $values_str = implode('","',$values);
and it also says something to the effect that im using wrong syntax for create date and password at line one(i guess) when all im using in the else block is

Code: Select all

else { 
      $today = date("Y-m-d"); 
      $fields_str = implode(",",$fields); 
      $values_str = implode('","',$values); 
      $fields_str .=",create_date"; 
      $values_str .='"'.",".'"'.$today; 
      $fields_str .=",password"; 
      $values_str .= '"'.","."md5"."('".$password."')"; 
      $sql = "INSERT INTO $table_name "; 
      $sql .= "(".$fields_str.")"; 
      $sql .= " VALUES "; 
      $sql .= "(".'"'.$values_str.")"; 
      mysqli_query($cxn,$sql) or die(mysqli_error($cxn)); 
      $_SESSION['auth']="yes"; 
      $_SESSION['logname']=$user_name;
what am i doing wrong here?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Are you sure $fields and $values are arrays?

As for your mysql error.. make sure to use backticks around database, table and field references.

Code: Select all

...FROM `table`
for example.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

how are you creating your $fields and $values array?
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

well, its an array i guess sort of indirectly here is the file that contains those two arguments

Code: Select all

<?php 
session_start(); 
include("functions_main.php"); 
$table_name = "Customer"; 
$next_program = "SecretPage.php"; 

switch(@$_POST['Button']) { 
  case "Login": 
    $cxn = Connect_to_db("Vars.php"); 
    $sql = "SELECT user_name FROM $table_name 
                        WHERE user_name='$_POST[fusername]'"; 
    $result = mysqli_query($cxn,$sql) or die("Coulden't execute query 1"); 
    $num = mysqli_num_rows($result); 
    if($num == 1) { 
      $sql = "SELECT user_name FROM $table_name 
                                WHERE user_name='$_POST[fusername]' 
                                AND password=md5('$_POST[fpassword]')"; 
      $result2 = mysqli_query($cxn,$sql) 
      or die("Coulden't execute query 2"); 
      $row = mysqli_fetch_assoc($result2); 
      if($row) { 
        $_SESSION['auth']="yes"; 
        $_SESSION['logname']=$_POST['fusername']; 
        header("Location: $next_program"); 
      } else { 
        $message_1="The Login Name, '$_POST[fusername]' 
                                        exist, but you have not entered the 
                                        correct password! Please try again.<br>"; 
        extract($_POST); 
        include("fields_login.php"); 
        include("double_form.php"); 
      } 
    } elseif($num == 0) { 
       //login name not found 
      $message_1 = "The User Name you entered does not 
                                        exist! Pease try again.<br>"; 
      include("fields_login.php"); 
      include("double_form.php"); 
    } 
  break; 

  case "Register": 
    /* Check for blanks */ 
    foreach($_POST as $field => $value) { 
      if($field != "fax") { 
        if($value == "") { 
          $blanks[] = $field; 
        } 
      } 
    } 
    if(isset($blanks)) { 
      $message_2 = "The Following fields are blank. 
                                        Please enter the required information: "; 
      foreach($blanks as $value) { 
        $message_2 .="$value, "; 
      } 
      extract($_POST); 
      include("fields_login.php"); 
      include("double_form.php"); 
      exit(); 
    } 
    /* validate data */ 
    foreach($_POST as $field => $value) { 
      if(!empty($value)) { 
        if(eregi("name",$field) and !eregi("user",$field) and !eregi("log",$field)) { 
          if(!ereg("^[A-Za-z' -]{1,50}$",$value)) { 
            $errors[] = "$value is not a valid name."; 
          } 
        } 
        if(eregi("street",$field) or eregi("addr",$field) or eregi("city",$field)) { 
          if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value)) { 
            $errors[] = "$value is not a valid address or city."; 
          } 
        } 
        if(eregi("state",$field)) { 
          if(!ereg("[A-Za-z]",$value)) { 
            $errors[] = "$value is not a valid state."; 
          } 
        } 
        if(eregi("email",$field)) { 
          if(!ereg("^.+@.+\\..+$",$value)) { 
            $errors[] = "$value is not a valid email address."; 
          } 
        } 
        if(eregi("zip",$field)) { 
          if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value)) { 
            $errors[] = "$value is not a valid zipcode."; 
          } 
        } 
        if(eregi("phone",$field) or eregi("fax",$field)) { 
          if(!ereg("^[0-9)(xX -]{7,20}$",$value)) { 
            $errors[] = "$value is not a valid phone number."; 
          } 
        } 
      } 
    } 
    foreach($_POST as $field => $value) { 
      if(field != "password") { 
        $password = strip_tags(trim($value)); 
      } else { 
        $fields[]=$field; 
        $value = strip_tags(trim($value)); 
        $values[] = addslashes($value); 
        $$field = $value; 
      } 
    } 

    if(@is_array($errors)) { 
      $message_2 = ""; 
      foreach($errors as $value) { 
        $message_2 .= $value." Please try again<br />"; 
      } 
      include("fields_login.php"); 
      include("double_form.php"); 
      exit(); 
    } 
    $user_name = $_POST['user_name']; 

    /* check to see if user name already exist */ 
    $cxn = Connect_to_db("Vars.php"); 
    $sql = "SELECT user_name FROM $table_name WHERE user_name='$user_name'"; 
    $result = mysqli_query($cxn,$sql) or die("Coulden't execute query."); 
    $num = mysqli_num_rows($result); 
    if($num > 0) { 
      $message_2 = "$user_name already used. Select another 
                                                User Name."; 
      include("fields_login.php"); 
      include("double_form.php"); 
      exit(); 
    } else { 
      $today = date("Y-m-d"); 
      $fields_str = implode(",",$fields); 
      $values_str = implode('","',$values); 
      $fields_str .=",create_date"; 
      $values_str .='"'.",".'"'.$today; 
      $fields_str .=",password"; 
      $values_str .= '"'.","."md5"."('".$password."')"; 
      $sql = "INSERT INTO $table_name "; 
      $sql .= "(".$fields_str.")"; 
      $sql .= " VALUES "; 
      $sql .= "(".'"'.$values_str.")"; 
      mysqli_query($cxn,$sql) or die(mysqli_error($cxn)); 
      $_SESSION['auth']="yes"; 
      $_SESSION['logname']=$user_name; 

      /* send email to new Customer */ 

      $emess = "You have successfully registered."; 
      $emess .= "Your new user name and password are:"; 
      $emess .= "\n\n\t$user_name\n\t"; 
      $emess .= "password\n\n"; 
      $emess .= "We apprieciate your interest. \n\n"; 
      $emess .= "If you have any questions or problems,"; 
      $emess .= " email obadiah_00@hotmil.com"; 
      $subj .= "Your new customer registration"; 
      $mailsend=mail("$email","$subj","$emess"); 
      header("Location: $next_program"); 
    } 
  break; 

  default: 
    include("fields_login.php"); 
    include("double_form.php"); 
} 
?>
in one of the for each loops it has

Code: Select all

foreach($_POST as $field => $value) { 
      if(field != "password") { 
        $password = strip_tags(trim($value)); 
      } else { 
        $fields[]=$field; 
        $value = strip_tags(trim($value)); 
        $values[] = addslashes($value); 
        $$field = $value; 
      }
the other arrays are being pulled from another file called fields_login.php and just contains

Code: Select all

<?php
$page = array(  "title" => "Customer Login Page", 
		"top" => " ",
		"bottom" => "Send questions and comments 
				to Obadiah_00@hotmail.com",
		);

$elements_1 = array(	"top" => "Returning Customers:
				<span style=\"font-size: 80%;
				font-weight: 100%\">
				<i>Login here</i></span>",
			"bottom" => "",
			"submit" => "Login"
			);

$elements_2 = array(	"top" => "New Customers:
				<span style=\"font-size: 80%;
				font-weight: 100%\">
				<i>Register here</i></span>",
			"bottom" => "",
			"submit" => "Register"
			);

$fields_1 = 	array(  "fusername" => "User Name",
			"fpassword" => "Password"
			);
$length_1 = 	array(  "fusername" => "10",
			"fpassword" => "10"
			);

$fields_2 = 	array(	"user_name"	=> "User Name",
			"password"	=> "Password",
			"email"		=> "Email Address",
			"first_name"	=> "First Name",
			"last_name"	=> "Last Name",
			"street"	=> "Street",
			"city"		=> "City",
			"state"		=> "State",
			"zip"		=> "Zip",
			"phone"		=> "Phone",
			"Fax"		=> "Fax",
			);
$length_2 = 	array(	"user_name"	=> "20",
			"password"	=> "8",
			"email"		=> "55",
			"first_name"	=> "40",
			"last_name"	=> "40",
			"street"	=> "55",
			"city"		=> "40",
			"zip"		=> "10",
			"phone"		=> "15",
			"Fax"		=> "15",
			);
?>
the tutorial didnt include a specific array for those 2 fields like the ones in the above file
User avatar
Obadiah
Forum Regular
Posts: 580
Joined: Mon Jul 31, 2006 9:13 am
Location: Ashland, KY
Contact:

Post by Obadiah »

i also went ahead and checked the database to make sure i was using the right names(making sure i didnt have any mispells) and everything seemed to match up
Post Reply