Hi, I have a problem with a code harness given to me by my tutor.
Every time i enter values into a form, I get the following message:

Warning: mssql_query(): message: Invalid column name 'N56DSRT'. (severity 16) in /web/users/l1099341/SDD/insertCarController.php on line 27 Warning: mssql_query(): General SQL Server error: Check messages from the SQL Server (severity 16) in /web/users/l1099341/SDD/insertCarController.php on line 27

We have to try and insert a car into our database using a form and I get this error message for every field on the form.
The code is:

<!--
insertCarForm.php
gcapper 2013
form for getting new car data
-->
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert Car Form</title>
</head>
<body>
<?php
require_once 'HTMLBuilderFunctions.php';
//use function call to generic select builder for suppliers

//**************************************************************
//edit below with the name of your schema instead of ****
//**************************************************************

$selectHTML = makeSelect('supplierId', 'CarsSchema.Car',true);

//output form
echo <<<_END
<h1>New Car Form</h1>
Please fill in all details and press insert<p/>
<form action="insertCarController.php" method="post">
<input type="text" name="creg" /><br/>
<input type="text" name="cmake" /><br/>
<input type="text" name="cmodel" /><br/>
<input type="text" name="ccolour" /></br>
<input type="text" name="cdate" value="YYYY-MM-DD" /></br>
<select name='csupplier'>
$selectHTML
</select></br>
<input type="submit" value="insert" />
</form>
_END
?>
</body>
</html>

and the controller code is:

<!--
insertCarController.php
gcapper 2013
-->
<?php
require_once 'dbaseConnect.php';

//get form data
//missing is data validation & sanitisation
$reg = $_POST['creg'];
$make = $_POST['cmake'];
$model = $_POST['cmodel'];
$colour = $_POST['ccolour'];
$date = $_POST['cdate'];
$supplier = $_POST['csupplier'];

//set query to insert data
//**************************************************************
//edit below with correct SQL
//**************************************************************
$query = "INSERT INTO [l1099341]
        ([reg], [make], [model], [colour], [date])
        VALUES
        ($reg, $make, $model, $colour, $date)";

//run the query
$result = mssql_query($query);

//check result and output message
if ($result){
$msg = "car inserted";
}
else {
$msg = "insert failed";
}

//goto message page
require 'carMessage.php';
exit();
?>

Try this for your query instead and see if it works

$query = "INSERT INTO [l1099341]
        ([reg], [make], [model], [colour], [date])
        VALUES
        ('$reg', '$make', '$model', '$colour', '$date')";
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.