Page 1 of 1
"Query is empty"
Posted: Wed Nov 02, 2005 8:44 pm
by joetheeskimo5
I used PHP to send the following query.
It checks to see if the submission type is a link or download, then does the according query.
Code: Select all
// db connection
$connection = mysql_connect("localhost", "username", "pass") or die(mysql_error());
$db = mysql_select_db("dbname", $connection) or die(mysql_error());
// is it a link?
if (($_POST['type'] == "link")) {
$sql = "INSERT INTO links ('url', 'description', 'category') VALUES ('$_POST[url]', '$_POST[description]', '$_POST[category]')";
// or is it a download?
} else if (($_POST['type'] == "download")) {
$sql = "INSERT INTO downloads ('title', 'url', 'description', 'category') VALUES ('$_POST[title]', '$_POST[url]', '$_POST[description]', '$_POST[category]')";
}
// send the query.
$result = mysql_query($sql, $connection) or die(mysql_error());
I checked to see if it's a problem with the form information; it's not - the form sent its info correctly.
What's wrong with my query?
Thanks in advance.
Posted: Wed Nov 02, 2005 8:59 pm
by John Cartwright
Code: Select all
$sql = "INSERT INTO downloads ('title', 'url', 'description', 'category') VALUES ('$_POST[title]', '$_POST[url]', '$_POST[description]', '$_POST[category]')";
to
Code: Select all
$sql = 'INSERT INTO downloads (\'title\', \'url\', \'description\', \'category\') VALUES (\''.$_POST['title'].'\', \''.$_POST['url'].'\', \''.$_POST['description'].'\', \''.$_POST['category'].'\')';
or
Code: Select all
$sql = "INSERT INTO downloads ('title', 'url', 'description', 'category') VALUES ('{$_POST['title']}', '{$_POST['url]'}', '{$_POST['description']}', '{$_POST['category']}')";
and quote your array indices.. eg $_POST[title] -> $_POST['title']
Posted: Wed Nov 02, 2005 9:03 pm
by feyd
other than you have the potential to not actually create $sql, I don't see anything else jumping out at me..
Posted: Thu Nov 03, 2005 3:32 am
by Chris Corbyn
feyd wrote:other than you have the potential to not actually create $sql, I don't see anything else jumping out at me..
mysql_real_escape_string()
Your text-based input may include characters which will break your query.
Posted: Thu Nov 03, 2005 3:53 pm
by joetheeskimo5
Jcart wrote:Code: Select all
$sql = "INSERT INTO downloads ('title', 'url', 'description', 'category') VALUES ('$_POST[title]', '$_POST[url]', '$_POST[description]', '$_POST[category]')";
to
Code: Select all
$sql = 'INSERT INTO downloads (\'title\', \'url\', \'description\', \'category\') VALUES (\''.$_POST['title'].'\', \''.$_POST['url'].'\', \''.$_POST['description'].'\', \''.$_POST['category'].'\')';
I did so, and it still said "query is empty".
Jcart wrote:
or
Code: Select all
$sql = "INSERT INTO downloads ('title', 'url', 'description', 'category') VALUES ('{$_POST['title']}', '{$_POST['url']}', '{$_POST['description']}', '{$_POST['category']}')";
and quote your array indices.. eg $_POST[title] -> $_POST['title']
I did this as well, and it gave me an error...
Parse error: parse error, unexpected T_STRING in /home/eskimoc/public_html/keclan/processsubmission.php on line 208
d11wtq wrote:feyd wrote:other than you have the potential to not actually create $sql, I don't see anything else jumping out at me..
mysql_real_escape_string()
Your text-based input may include characters which will break your query.
I used that function, and MySQL still insists my query was empty. *kicks mySQL*
Any other ideas?

Posted: Thu Nov 03, 2005 4:05 pm
by Charles256
assing your posts to variables..i.e.
and then in your insert just go..
Posted: Thu Nov 03, 2005 4:21 pm
by joetheeskimo5
Wow.
Sorry about that; I ended up figuring it out by echoing $type. It turns out that in the form, (another file), I had acidentally assigned $type to the wrong value. In any case, it was no problem you guys could spot.
Thanks anyway
