Member Avatar for SKANK!!!!!

this is the link i got it from:
http://www.learnphponline.com/scripts/email-activation-for-php-forms

this is the error im getting please also consider im n ew and dont know how to find the manual maybe it is a common known thing or something im asking anyways
i wouldnt know waht to look for either its a problem with tha values.
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES ('admin', '', '', 'female', 'adult', 'washington', 'white', 'single', '' at line 1 i get that its sucky i know i tried the way before the security thing and before and it doesnt work please help i get the same error


then i read this post in this forum: http://www.daniweb.com/forums/thread184950.html but i dont know how to make it work for what im doing. i dont know where to put this thing they are talking about that werked for that person. its sililar to the 1st link i gave but doesnt have the post thing im so confised on what to do to make it work

  • 2 Contributors
  • 8 Replies
  • 157 Views
  • 10 Hours Discussion Span
  • Latest Post Latest Post by SKANK!!!!!

Recommended Answers

All 8 Replies

Member Avatar for jakesee

You should post your entire query and let use know the structure of your table you are querying.

this might be the case that certain values are not accepted by the table structure definition.

Member Avatar for SKANK!!!!!

ok i got the part to work on the injection i had a comma one single comma bu now that it works i hafve all these problems that have arose! for one i have a checkbox in my page witch is here http://www.socialemo.com/register.php and checkboxes u can get more than one checked. and in my case ill check other and illl check not interested and only other will come up in the database in my cpanel.
another big problem is that if i try to register again even after i have validated the registration, for everthing that has been done like i answered female before now i answer female again i get this error:
"""Error: Duplicate entry 'female' for key 4""""
and it goes for everything that has been done before.
my table thing that i used but i added some like gender ip ect... is this:

CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL auto_increment,
  `status` varchar(20) NOT NULL,
  `username` varchar(20) NOT NULL,
  `password` varchar(20) NOT NULL,
  `email` varchar(20) NOT NULL,
  `activationkey` varchar(100) NOT NULL,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `username` (`username`),
  UNIQUE KEY `email` (`email`),
  UNIQUE KEY `activationkey` (`activationkey`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=9 ;

if thats what u mean. those are my main problems i think there was more but i cant think of them at the moment.

Member Avatar for jakesee

If you have altered the table to include additional fields, then you have to show us. same for your queries also, the full "INSERT ... " statements otherwise we wont know where you went wrong.

I'm guessing you added "UNIQUE KEY `sexuality` (`sexuality`)" which explains why the "female" duplicate error occurs.

For the "other" and "not interested" problem, you HTML is the culprit:

<tr><td>Sexuality: </td><td>
str8:<input type="checkbox" name="sexuality" value="str8" />
gay:<input type="checkbox" name="sexuality" value="gay"/>
bi:<input type="checkbox" name="sexuality" value="bi"/>
not interested:<input type="checkbox" name="sexuality" value="notinterested"/>
other:<input type="checkbox" name="sexuality" value="other"/></td></tr>

all your checkbox <input> use the same variable names so the value of "sexuality" is overwritten with the final checked value, which happens to be "other".

you should use different names like:

<tr><td>Sexuality: </td><td>
str8:<input type="checkbox" name="str8" value="1" />
gay:<input type="checkbox" name="gay" value="1"/>
bi:<input type="checkbox" name="bi" value="1"/>
not interested:<input type="checkbox" name="notinterested" value="1"/>
other:<input type="checkbox" name="other" value="1"/></td></tr>

or Arrays

<tr><td>Sexuality: </td><td>
str8:<input type="checkbox" name="sexuality[0]" value="str8" />
gay:<input type="checkbox" name="sexuality[1]" value="gay"/>
bi:<input type="checkbox" name="sexuality[2]" value="bi"/>
not interested:<input type="checkbox" name="sexuality[3]" value="notinterested"/>
other:<input type="checkbox" name="sexuality[4]" value="other"/></td></tr>

then in you PHP, validate each name (variable) for a value. Only checked ones will have a value.

Member Avatar for SKANK!!!!!

i dont know how to find what i inputted into the phpmyadmin thing to create a database all i know is wherever i found the username i just used the thing that had username and copy and pasted it cause i didnt know what unique value meant or was going to do so i did all the same things for every variable as is shown for username, email, and password, but i still dont understand how i change the checkboxes. i see how it "overwrites" it but i can only post one to the databse table under the variable "sexuality" so i guess each of those will work.? i guess that in the table the mysql thing will only take one answer and not two so ill just make it a drop down box if it wont take two answers.

Member Avatar for jakesee

ok... the flow should go like this:

1. the user visits register.php which shows a form with name-value pairs.

2. the user clicks submits and the name-value pairs will all get submitted to verify.php. if the input is a unchecked checkbox, the value will not be submitted. if the input is radio button, only the selected name-value will be submitted.

3. inside verify.php, you use $_POST[name] to get the value of the posted name-values. Hence, you cannot have 2 name-values with the same name. because there is only one $_POST[name] for each name.

4. after you get all the values, you should be things like error checking, validation and value formatting. value formatting is what you need do to for the "sexuality" values. combine all the values for "sexuality" in what ever way you want into a single value and store this in some other variable.

include this code on the first line in your verify.php to get what I mean

<?php print_r($_POST) ?>

the code will output all the name in $_POST[name] and it's corresponding values.

5. after you have done step 4, INSERT into the database accordingly, making sure you are aware of the structure and restriction of the table you created. Each field can take only one value. so combine your sexuality into one single value. However, you need to get your table right first. If you are not sure, remove all the "UNIQUE ... " and "NOT NULL" from your "CREATE TABLE ..." for a start.

6. the end.

Member Avatar for SKANK!!!!!

ok i deleted the uniqe from the indexes of the ones that were going to be obviously used again. i made the sexuality variable a drop down so theres only one value to chose not two like check boxes made. and i want to put a date in the table so i can get the date. i dont know what the thing that gets inserted into the verify.php means i dont understand. i dont know how to insert stuff into tables. im kinda new. but there is 1 problem i dontknow how to create new variable in the table called date.
ok i put the print POST code in to the verify first line but it didnt do anything because i think because i deleted the unique indexes and the script worked or something so it sent the email instead of displaying the error. thats all it displayed is that it sent the email like normal.

Member Avatar for jakesee

you can use PHPMyAdmin to create the database tables if you do not know how to write your queries. Or you can use this super simple template for creating a table:

CREATE TABLE tablename (
	`id` integer unsigned not null auto_increment primary key,
                `status` text,
                `username` text,
                `password` text,
                `sexuality` text,
                `email` text,
                `date` text,
	`fieldname1` text,
                `fieldname2` text,
	`fieldname3` text,
	`fieldname4` text
)

it's so simple, every field is a text field. note that the last line does not have a comma and the first field is required (preferably).

for inserting data into the database, search www.mysql.com for INSERT clause and www.php.net for mysql_query() function.

I think you need to read up more tutorials first before attempting to create your own forms.

ok. I'm logging off now. Good luck!

Member Avatar for SKANK!!!!!

ok thanks!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.