Page 1 of 1

SQL Query Problem

Posted: Sun Dec 10, 2006 5:28 am
by danrah
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Why doesn't this work? Please?

Code: Select all

<?php                $serializeditems=addslashes($_SESSION['items']); //this field is serialized
		$buyername=addslashes($_POST['name']);
		$telephone=addslashes($_POST['telephone']);
		$paymentmethod=addslashes($_POST['paymentmethod']);
		$address=addslashes($_POST['address']);
		$deliverytime=addslashes($_POST['deliverytime']);
		$email=addslashes($_POST['email']);
                $extrainfo=addslashes($_POST['extrainfo']);

$query="INSERT INTO buyer_details". "(order,buyer_name,buyer_phone,payment_method,address,delivery_time,email,comments) VALUES" . "('$serializeditems','$buyername','$telephone','$paymentmethod','$address','$deliverytime','$email','$extrainfo')";		?>
an SQL syntax error is produced:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order,buyer_name,buyer_phone,payment_method,address,delivery_time,email,comments'


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Re: SQL Query Problem

Posted: Sun Dec 10, 2006 7:36 am
by hrubos
danrah wrote:Why doesn't this work? Please?

Code: Select all

<?php                $serializeditems=addslashes($_SESSION['items']); //this field is serialized
		$buyername=addslashes($_POST['name']);
		$telephone=addslashes($_POST['telephone']);
		$paymentmethod=addslashes($_POST['paymentmethod']);
		$address=addslashes($_POST['address']);
		$deliverytime=addslashes($_POST['deliverytime']);
		$email=addslashes($_POST['email']);
                $extrainfo=addslashes($_POST['extrainfo']);

$query="INSERT INTO buyer_details". "(order,buyer_name,buyer_phone,payment_method,address,delivery_time,email,comments) VALUES" . "('$serializeditems','$buyername','$telephone','$paymentmethod','$address','$deliverytime','$email','$extrainfo')";		?>
an SQL syntax error is produced:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order,buyer_name,buyer_phone,payment_method,address,delivery_time,email,comments'
you have to

Code: Select all

mysql_result($query)
at least.

Posted: Sun Dec 10, 2006 8:26 am
by feyd
An insert query does not return records. mysql_result() is therefore useless.

"order" is a MySQL keyword. Either rename the field so it isn't a keyword or use backticks around it: `foo`

The former is suggested over the latter.

Posted: Sun Dec 10, 2006 5:21 pm
by hrubos
feyd wrote:An insert query does not return records. mysql_result() is therefore useless.

"order" is a MySQL keyword. Either rename the field so it isn't a keyword or use backticks around it: `foo`

The former is suggested over the latter.
aha, yeah , I'm sorry, I have had mistake