[PHP] Strange MySQL Problem
Hello there, Here's a short PHP script a friend has written, and given to me to test. However, I am getting a MySQL error saying that the syntax error, on the line that contains mysql_connect(); is wrong, near '')' (note that it is not a PHP error, but a MySQL error.) Here's the code: [code] ?php $username = root; $password = abc; $con = mysql_connect(, $username, $password); mysql_select_db (test, $con); $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); if (!mysql_query($sql, $con)) { die( 'error: ' . mysql_error()); } echo 1 record added; mysql_close($con) ? [/code] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange MySQL Problem
Hello Parham, i think you should change this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); to this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('.$_POST[bookname].', '.$_POST[authorsname].', '.$_POST[ISBN].'); best regards Jochen Parham Doustdar schrieb: Hello there, Here's a short PHP script a friend has written, and given to me to test. However, I am getting a MySQL error saying that the syntax error, on the line that contains mysql_connect(); is wrong, near '')' (note that it is not a PHP error, but a MySQL error.) Here's the code: [code] ?php $username = root; $password = abc; $con = mysql_connect(, $username, $password); mysql_select_db (test, $con); $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); if (!mysql_query($sql, $con)) { die( 'error: ' . mysql_error()); } echo 1 record added; mysql_close($con) ? [/code] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange MySQL Problem
Hi there, Does it differ? I thought when in quotations, variables like that would be automatically interpreted? Also, the MySQL is meant to connect to localhost. I had emptied it for testing purposes. With or without it, I get the same error. Jochen Schultz jschu...@sportimport.de wrote in message news:4b25fb8e.3040...@sportimport.de... Hello Parham, i think you should change this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); to this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('.$_POST[bookname].', '.$_POST[authorsname].', '.$_POST[ISBN].'); best regards Jochen Parham Doustdar schrieb: Hello there, Here's a short PHP script a friend has written, and given to me to test. However, I am getting a MySQL error saying that the syntax error, on the line that contains mysql_connect(); is wrong, near '')' (note that it is not a PHP error, but a MySQL error.) Here's the code: [code] ?php $username = root; $password = abc; $con = mysql_connect(, $username, $password); mysql_select_db (test, $con); $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); if (!mysql_query($sql, $con)) { die( 'error: ' . mysql_error()); } echo 1 record added; mysql_close($con) ? [/code] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange MySQL Problem
Salaaam $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('.$_POST[bookname].'' , '.$_POST[authorsname].',''.$_POST[ISBN].'); above line is correct, your code is wrong ,$_POST[ISBN]'); and add $host = 'localhost'; $con = mysql_connect($host, $username, $password); you can also check this page: http://php.net/manual/en/function.mysql-connect.php Regards, Shahrzad
Re: [PHP] Strange MySQL Problem
Thank you, everyone. All fixed. metastable list...@metastable-services.net wrote in message news:4b260641.80...@metastable-services.net... Parham Doustdar wrote: Hi there, Does it differ? I thought when in quotations, variables like that would be automatically interpreted? Also, the MySQL is meant to connect to localhost. I had emptied it for testing purposes. With or without it, I get the same error. Jochen Schultz jschu...@sportimport.de wrote in message news:4b25fb8e.3040...@sportimport.de... Hello Parham, i think you should change this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); to this: $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('.$_POST[bookname].', '.$_POST[authorsname].', '.$_POST[ISBN].'); best regards Jochen Parham Doustdar schrieb: Hello there, Here's a short PHP script a friend has written, and given to me to test. However, I am getting a MySQL error saying that the syntax error, on the line that contains mysql_connect(); is wrong, near '')' (note that it is not a PHP error, but a MySQL error.) Here's the code: [code] ?php $username = root; $password = abc; $con = mysql_connect(, $username, $password); mysql_select_db (test, $con); $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); if (!mysql_query($sql, $con)) { die( 'error: ' . mysql_error()); } echo 1 record added; mysql_close($con) ? [/code] Exactly the opposite. Use double quotes for interpolation. Moreover, you would still get an error, as mysql requires text columns to be escaped. Use Jochens code. Also: SQL injection ! -- http://en.wikipedia.org/wiki/SQL_injection HTH, Stijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange MySQL Problem
You're missing a tick in the query. There should be a tick before the $_POST[ISBN]. Take care, Floyd On Dec 14, 2009, at 3:41 AM, Parham Doustdar wrote: Hello there, Here's a short PHP script a friend has written, and given to me to test. However, I am getting a MySQL error saying that the syntax error, on the line that contains mysql_connect(); is wrong, near '')' (note that it is not a PHP error, but a MySQL error.) Here's the code: [code] ?php $username = root; $password = abc; $con = mysql_connect(, $username, $password); mysql_select_db (test, $con); $sql = INSERT INTO BOOK(bookname, authorsname, ISBN) VALUES ('$_POST[bookname]', '$_POST[authorsname]', $_POST[ISBN]'); if (!mysql_query($sql, $con)) { die( 'error: ' . mysql_error()); } echo 1 record added; mysql_close($con) ? [/code] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strange MySQL Problem
At 1:12 PM +0330 12/14/09, Parham Doustdar wrote: Thank you, everyone. All fixed. Really?!? I think you would be well advised to sanitize the values coming into from a public $_POST. That habit allows MySQL injection problems. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php