 |
| PHP Databases Using PHP in conjunction with databases. PHP questions not specific to databases should be directed to one of the other PHP forums. |
Welcome to the p2p.wrox.com Forums.
You are currently viewing the PHP Databases section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
|
October 27th, 2004, 09:37 AM
|
|
Authorized User
|
|
Join Date: Jul 2004
Posts: 79
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
mysql_query
Dear programmers,
I used the following statements to insert data in mysql
$sql="INSERT INTO `cs_profile` (`id` , `username` , `password` , `secquestion` , `secanswer` , `firstname` , `lastname` , `nick` , `birthdate` , `************` , `dept` , `session` , `yearofpass` , `title` , `org` , `address` , `workphone` , `homephone` , `handphone` , `fax` , `email` , `url` , `notes` , `regdate` ) VALUES (''," . $_POST["username"] . ",password(". $pass .")," . $_POST["secquestion"] . "," . $_POST["secanswer"] . "," . $_POST["firstname"]. "," .$_POST["lastname"]. "," . $_POST["nickname"] . "," . $birthdate . "," . $_POST["************"]. "," .$_POST["dept"]. "," . $_POST["session"] . "," . $_POST["yearofpass"] . "," . $_POST["title"] . "," . $_POST["org"]. "," . $_POST["address"] . "," . $_POST["workphone"] . "," . $_POST["homephone"] . "," . $_POST["handphone"] . "," . $_POST["fax"] . "," . $_POST['email'] . "," .$_POST["homepage"] . "," . $_POST["comment"] . "," . $subdate ." )";
if(!$result=mysql_query($sql))
{
die("Error writing to database<b>".mysql_error());
}
else { echo "Registration Success";}
But when i submit for i receive the error
You have an error in your SQL syntax near '@gmail.com,www.sumon.com,test,10-27-04 )' at line 1
pls. someone help me
Best Regard:
Md. Zakir Hossain (Raju)
www.rubd.net
www.xenex.rubd.net
www.forum.rubd.net
__________________
Best Regard:
Md. Zakir Hossain (Raju)
www.rajuru.xenexbd.com - my blog with PHP scripts, PHP Book Review and many more
|
|
October 27th, 2004, 10:38 AM
|
|
Authorized User
|
|
Join Date: Oct 2004
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
One thing I might suggest is removing the $_POST[] vars from your code and setting them to variables with the corresponding post value. example
$username = $_POST['username'];
it makes it a lot easier to debug errors.
Remove the concatenation because it is not really needed here. Concatenation is best used with ' rather than " because concatenation with ' tend to grant speed. " are all inclusive so everything that is within them are translated by the PHP processor. So if you have "$var" it will read "value". Then in your code to insert in to the database surround your replaced $_POST vars with ''. So you should have INSERT INTO table (field)VALUE ('$field') try some of these changes and let me know if it works.
<>_<>
|
|
October 27th, 2004, 10:47 AM
|
 |
Wrox Author
|
|
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
|
|
I strongly disagree with that. Setting extra variables creates extra overhead and makes the script less intuitive to read.
You can add as much space as you need to make the query legible.
Code:
$sql = "INSERT INTO `cs_profile`
(`id` ,
`username` ,
`password` ,
`secquestion` ,
`secanswer` ,
`firstname` ,
`lastname` ,
`nick` ,
`birthdate` ,
`************` ,
`dept` ,
`session` ,
`yearofpass` ,
`title` ,
`org` ,
`address` ,
`workphone` ,
`homephone` ,
`handphone` ,
`fax` ,
`email` ,
`url` ,
`notes` ,
`regdate` )
VALUES ('',
" . $_POST["username"] . ",
password(". $pass ."),
" . $_POST["secquestion"] . ",
" . $_POST["secanswer"] . ",
" . $_POST["firstname"]. ",
" .$_POST["lastname"]. ",
" . $_POST["nickname"] . ",
" . $birthdate . ",
" . $_POST["************"]. ",
" .$_POST["dept"]. ",
" . $_POST["session"] . ",
" . $_POST["yearofpass"] . ",
" . $_POST["title"] . ",
" . $_POST["org"]. ",
" . $_POST["address"] . ",
" . $_POST["workphone"] . ",
" . $_POST["homephone"] . ",
" . $_POST["handphone"] . ",
" . $_POST["fax"] . ",
" . $_POST['email'] . ",
" .$_POST["homepage"] . ",
" . $_POST["comment"] . ",
" . $subdate ." )";
The problem is revealed with this formatting, none of the string values that you're inserting into the database are quoted.
Regards,
Rich
--
[ http://www.smilingsouls.net]
[ http://pear.php.net/Mail_IMAP] A PHP/C-Client/PEAR solution for webmail
|
|
October 27th, 2004, 11:06 AM
|
|
Authorized User
|
|
Join Date: Oct 2004
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Quote:
quote:Originally posted by richard.york
I strongly disagree with that. Setting extra variables creates extra overhead and makes the script less intuitive to read.
|
Thanks for the input. This will definately help me out on later projects. :D
<>_<>
|
|
October 28th, 2004, 08:27 AM
|
|
Authorized User
|
|
Join Date: Jul 2004
Posts: 79
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I strongly agree with richard.
I did not created variables again becuase I know it uses extra memory which makes the script slow and it is not good practice.
thanks richard for your time. I will apply your suggestion. It is a great way to debug the code. I did not know the system.
also thanks to imaginethis because his suggestion about concetanation will help me greatly.
Best Regard:
Md. Zakir Hossain (Raju)
www.rubd.net
www.xenex.rubd.net
www.forum.rubd.net
|
|
October 28th, 2004, 05:19 PM
|
|
Registered User
|
|
Join Date: Mar 2004
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
shouldn't $_POST['email']
actually be $_POST["email"]
|
|
October 28th, 2004, 06:31 PM
|
|
Friend of Wrox
|
|
Join Date: Nov 2003
Posts: 1,285
Thanks: 0
Thanked 2 Times in 2 Posts
|
|
Quote:
quote:Originally posted by Vanaj
shouldn't $_POST['email']
actually be $_POST["email"]
|
Actually, it's good practice to avoid using double-quotes when there's nothing in the quotes to parse, like a variable. PHP requires more time to parse when it comes across double quotes.
-Snib
Where will you be in 100 years?
Try new FreshView 0.2!
There are only two stupid questions: the one you can't find the answer to and don't ask, and the one that you can find the answer and do ask.
|
|
October 29th, 2004, 03:48 AM
|
|
Authorized User
|
|
Join Date: Jul 2004
Posts: 79
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thanks Snib
This will help me greatly.
Is there any problem if I write this way
echo "Dear " . $name . ", How are you?";
Best Regard:
Md. Zakir Hossain (Raju)
www.rubd.net
www.xenex.rubd.net
www.forum.rubd.net
|
|
October 29th, 2004, 08:22 AM
|
|
Authorized User
|
|
Join Date: Jul 2004
Posts: 79
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I used this code
$sql = "INSERT INTO `cs_profile`
(`id` ,
`username` ,
`password` ,
`secquestion` ,
`secanswer` ,
`firstname` ,
`lastname` ,
`nick` ,
`birthdate` ,
`************` ,
`dept` ,
`session` ,
`yearofpass` ,
`title` ,
`org` ,
`address` ,
`workphone` ,
`homephone` ,
`handphone` ,
`fax` ,
`email` ,
`url` ,
`notes` ,
`regdate` )
VALUES ('',
" . $_POST["username"] . ",
password(". $pass ."),
" . $_POST["secquestion"] . ",
" . $_POST["secanswer"] . ",
" . $_POST["firstname"]. ",
" .$_POST["lastname"]. ",
" . $_POST["nickname"] . ",
" . $birthdate . ",
" . $_POST["************"]. ",
" .$_POST["dept"]. ",
" . $_POST["session"] . ",
" . $_POST["yearofpass"] . ",
" . $_POST["title"] . ",
" . $_POST["org"]. ",
" . $_POST["address"] . ",
" . $_POST["workphone"] . ",
" . $_POST["homephone"] . ",
" . $_POST["handphone"] . ",
" . $_POST["fax"] . ",
" . $_POST["email"] . ",
" . $_POST["homepage"] . ",
" . $_POST["comment"] . ",
" . $subdate ." )";
Now i see this error
You have an error in your SQL syntax near '@gmail.com, www.sumon.com, testing, 10-29' at line 47
Best Regard:
Md. Zakir Hossain (Raju)
www.rubd.net
www.xenex.rubd.net
www.forum.rubd.net
|
|
October 29th, 2004, 09:01 AM
|
|
Wrox Author
|
|
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
|
|
You have to quote strings before they can be inserted in the database.
Code:
VALUES ('',
'" . $_POST["username"] . "',
password(". $pass ."),
'" . $_POST["secquestion"] . "',
'" . $_POST["secanswer"] . "',
'" . $_POST["firstname"]. "',
'" .$_POST["lastname"]. "',
'" . $_POST["nickname"] . "',
'" . $birthdate . "',
'" . $_POST["************"]. "',
'" .$_POST["dept"]. "',
'" . $_POST["session"] . "',
'" . $_POST["yearofpass"] . "',
'" . $_POST["title"] . "',
'" . $_POST["org"]. "',
'" . $_POST["address"] . "',
'" . $_POST["workphone"] . "',
'" . $_POST["homephone"] . "',
'" . $_POST["handphone"] . "',
'" . $_POST["fax"] . "',
'" .$_POST["homepage"] . "',
'" . $_POST["comment"] . "',
'" . $subdate ."')";
Regards,
Rich
--
[ http://www.smilingsouls.net]
[ http://pear.php.net/Mail_IMAP] A PHP/C-Client/PEAR solution for webmail
|
|
|
