Page 1 of 1
insert error
Posted: Wed Nov 03, 2004 12:59 am
by bimo
I am having problems with a silly little mysql insert statement that I hope someone can help me with. Everytime I run this:
Code: Select all
$query3 = "insert into table employee (emp_fname, emp_lname, emp_id, emp_perm, emp_pass, emp_email) values ($emp_fname, $emp_lname, $emp_id, $emp_perm, $emp_pass, $emp_email)";
I get an error like this where it truncates the query
Check the manual that corresponds to your MySQL server version for the right syntax to use near 'table employee (emp_fname, emp_lname, emp_id, emp_perm, emp_pas
at first it seemed to be cutting it where the line was wrapping but I tried turning wordwrap off and it still didn't work. Is this the kind of thing that something like mysql_escape_string would work on?
Posted: Wed Nov 03, 2004 2:12 am
by timvw
as the error says: read the manual :p varchar values need to be between quotes...
Code: Select all
$query3 = "insert into table employee (emp_fname, emp_lname, emp_id, emp_perm, emp_pass, emp_email) values ('$emp_fname', '$emp_lname', '$emp_id', '$emp_perm', '$emp_pass', '$emp_email')";
doh...
Posted: Wed Nov 03, 2004 7:25 am
by bimo
I'm sorry for asking such a simple, simple question.
..thanks
Posted: Wed Nov 03, 2004 7:54 am
by bimo
it looks like I spoke too soon. It seems to do the same thing. Here's the entire error
Array ( ) cannot insert record: insert into table employee (emp_fname, emp_lname, emp_id, emp_perm, emp_pass, emp_email) values ('Qndres', Swift, 'ahws123', '8', 'bdb123', '
d@b.com'). - You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'table employee (emp_fname, emp_lname, emp_id, emp_perm, em
the code is
Code: Select all
$query3 = "insert into table employee
(emp_fname, emp_lname, emp_id, emp_perm, emp_pass, emp_email)
values ('$emp_fname', '$emp_lname', '$emp_id', '$emp_perm', '$emp_pass', '$emp_email')";
$result3 = mysql_query($query3) or die ("cannot insert record: $query3. - " . mysql_error());
Posted: Wed Nov 03, 2004 8:27 am
by swdev
The syntax for inserting values into a table is
Code: Select all
INSERT INTO
table_name (col1, ...)
VALUES
(val1, ...)
so your code should be
Code: Select all
$query3 = 'INSERT INTO ';
$query3 .= 'employee ';
$query3 .= '(emp_fname, emp_lname, emp_id, emp_perm, emp_pass, emp_email)';
$query3 .= ' VALUES (';
$query3 .= mysql_escape_string($emp_fname);
$query3 .= mysql_escape_string($emp_lname);
$query3 .= mysql_escape_string($emp_id);
$query3 .= mysql_escape_string($emp_perm);
$query3 .= mysql_escape_string($emp_pass);
$query3 .= mysql_escape_string($emp_email);
$query3 .= ')';
$result3 = mysql_query($query3) or die ('cannot insert record: ' . $query3 . ' - ' . mysql_error());
One of the reasons for constructing the query like this, is that is is easy to see if you have forgotten a quote.
Also, any data that you enter into the database should be protected by the mysql_escape_string. This makes sure that if your data contains the quote character, it is correctly escaped.
Hope this helps
Posted: Wed Nov 03, 2004 9:48 am
by Draco_03
don't forget that you might have a space at the end of your row's name. (like i did)
So when you created your table be sure there is nospace (it's sometimes hard to pin point)
if you have phpmyadmin , go look at your table and see if ll name have no spaces.
Posted: Wed Nov 03, 2004 2:18 pm
by bimo
Thanks for your help. all.