Page 1 of 1
Can't find what I have done wrong
Posted: Fri Apr 20, 2007 3:38 pm
by andym01480
Code: Select all
$address="INSERT INTO address (add1, add2, town, county, postcode, homephone) VALUES (`{$clean['add1']}`,`{$clean['add2']}`,`{$clean['town']}`,`{$clean['county']}`,`{$clean['postcode']}`,`{$clean['phone']}`)";
echo $address.'<br>';
$result2=mysql_query($address) OR DIE("Couldn't store address".mysql_error());
is outputting this
Code: Select all
INSERT INTO address (add1, add2, town, county, postcode, homephone) VALUES (`streetname`,`areaname`,`town`,`countyname`,`B21 5FE`,``)
Couldn't store addressUnknown column 'streetname' in 'field list'
Sql dump of table structure
Code: Select all
CREATE TABLE `address` (
`address_id` int(11) NOT NULL auto_increment,
`add1` varchar(255) NOT NULL,
`add2` varchar(255) NOT NULL,
`town` varchar(255) NOT NULL,
`county` varchar(255) NOT NULL,
`postcode` varchar(8) NOT NULL,
`homephone` varchar(15) NOT NULL,
PRIMARY KEY (`address_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;
Where have I gone wrong?
Posted: Fri Apr 20, 2007 3:43 pm
by Weirdan
Use either single (') or double (") quotes to quote values in sql queries. Backticks (`) are used to quote field and table names, not values.
Re: Can't find what I have done wrong
Posted: Fri Apr 20, 2007 3:43 pm
by timvw
[quote="andym01480"]
Code: Select all
INSERT INTO address (add1, add2, town, county, postcode, homephone) VALUES (`streetname`,`areaname`,`town`,`countyname`,`B21 5FE`,``)
Couldn't store addressUnknown column 'streetname' in 'field list'
In MySQL you can escape column names with ``.. but the values need to be between ''.
Thus:
Code: Select all
INSERT INTO address
(
add1,
add2,
...
)
VALUES
(
'streetname',
'areaname',
...
);
(Off-topic: 'clean' seems like a vague name for variables that have been prepared for use in a query... $mysql['add1'] seems more appropriate, but that might be a matter of subjective taste...)
Posted: Fri Apr 20, 2007 4:12 pm
by andym01480
Thanks for the assist.
And yes $clean was a silly choice especially as it is filtered and escaped for mysql!