4 replies to this topic

[er0x]

ok, so im working on a script that uploads files, sends a message, etc... all in one..

everything works except for inserting into a db. This is where it gets wierd.

I am getting a SYNTAX error for the following...

$from = $_SESSION[Username];
$to = $_POST[touser];
$mess = $_POST[message];
$seen = 'no';
$date = date("m.d.y");
$fname = $filename;
		
$doquery = mysql_query("INSERT INTO files (From, To, Date, Fname, Message, Seen) VALUES('".$from."', '".$to."', '".$date."', '".$fname."', '".$mess."', '".$seen."')")or die ('Error: ' . mysql_error());;

if($doquery)
{
	echo "<h2>Success</h2>";
}
else
{
	echo "<h2>Error</h2>";
}

so, this gives me this error.

Quote

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'From, To, Date, Fname, Message, Seen,) VALUES('aych', 'karl', '11.04.09', 'img1.gif'' at line 1

now.. all i have done is copied this from a working version (below) and changed a couple small variables and stuff... so what is wrong with it?

The working version

	 	$regquery = mysql_query("INSERT INTO users (Username, Password, EmailAddress, FirstName, LastName, Address, State, Zip) VALUES('".$username."', '".$password."', '".$email."', '".$firstname."', '".$lastname."', '".$address."', '".$state."', '".$zip."')")or die ('I cannot connect to the database because: ' . mysql_error());;
		if($regquery)
		{
			echo '<h2>Success</h2>';
			echo '<p>User account for '.$firstname . $lastname .' has been made.</p>';
		}
		else
		{
	 		echo '<h2>Error</h2>';
			echo '<p>Could not register the account please try again</p>';
			echo register_form();	
		}

if the full script is needed i can provide that aswell

Edited by er0x, 04 November 2009 - 02:55 PM.

[derek.sullivan]

sometimes this words and in add `` into your field names eg:

mysql_query("INSERT INTO `tablename` (`whatever`) VALUES('$value') or die (mysql_error());

also, I really don't think you need single quote then double quote with periods.. I think single quote would work just fine with the variable.. also, at the end of your mysql query is double ;; get rid of one of them... try getting rid of the double ; first, then if you still have problems, than try what I first suggested.

[er0x]

yep. had to do both of those. kind of odd bc it works with other variables and such. anywho, thanks for the help. it working great now.

[Demonslay]

I can tell the conflict was the fact that 'FROM' is a keyword for SQL, case insensitive, so it would of course make a syntax error.

[er0x]

yea that ran through my mind but i really wasnt sure if that would matter or not. thanks for making that clear lol