0
<?php
$con = mysql_connect('localhost', 'leto_hostes', 'password_hidden');
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("letohost_player", $con);

$sql="INSERT INTO `letohost_user`.`player` (`USER_ID` ,`USERNAME` ,`PASSWORD` ,`EMAIL` ,`POSITION` ,`ACTIVE` ,`MEMBER` )
VALUES (NULL , '$_POST[register_username]', 'md5($_POST[register_password])', '$_POST[register_email]', '0', '0', '0');)";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?>
4
Contributors
10
Replies
11
Views
7 Years
Discussion Span
Last Post by diafol
0

My error with this code when somebody tries to register is:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 2
0

Yes EE.

$sql="INSERT INTO `letohost_user`.`player` (`USER_ID` ,`USERNAME` ,`PASSWORD` ,`EMAIL` ,`POSITION` ,`ACTIVE` ,`MEMBER` )
VALUES (NULL , '$_POST[register_username]', 'md5($_POST[register_password])', '$_POST[register_email]', '0', '0', '0');)";

But LH, please use the correct syntax. Even with encased array vars, the array member should be quoted - either with single or double quotes:

"...{$_POST['register_password']}..."
OR
"...{$_POST[\"register_password\"]}..."
AND
"...{$_POST['register_email']}..."
OR
"...{$_POST[\"register_email\"]}..."

Edited by diafol: n/a

0

Is it the same with the md5 variable? And thank you for the help on this script. I'm not that good when it comes to PHP and SQL.. How did i not use the right syntax? :S

0

Okay, After editting the script, i now recieve the error:

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/letohost/public_html/register.php  on line 11

line 11 new syntax:

$sql="INSERT INTO `letohost_user`.`player` (`USER_ID` ,`USERNAME` ,`PASSWORD` ,`EMAIL` ,`POSITION` ,`ACTIVE` ,`MEMBER` )
VALUES (NULL , {$_POST['register_username']}, {md5($_POST['register_password']}), {$_POST['register_email']}, '0', '0', '0');)";

Edited by leto-hostes.com: n/a

0

no quotes on table names column names

mysql_query("INSERT INTO Persons (FirstName, LastName, Age) VALUES ('Peter', 'Griffin', '35')");
// so
$sql="INSERT INTO letohost_user.player (USER_ID, USERNAME, PASSWORD, EMAIL, POSITION, ACTIVE, MEMBER) VALUES (NULL, {$_POST['register_username']}, {md5($_POST['register_password']}), {$_POST['register_email']}, '0', '0', '0');)";

http://www.w3schools.com/php/php_mysql_insert.asp

Edited by almostbob: n/a

0

@almostbob

I've added the script you wrote there and i'm still recieving the same error..

0

not added, example code only

read the link provided to find the correct format and edit your code

I've done that too and it still isn't working..

0

Notice you use VALUES syntax. I prefer the SET syntax so that I know everything (fields + values) match up. THis obviously has its limitations, but has saved hours in trying to disentangle my statements.

$sql="INSERT INTO letohost_user.player (USER_ID, USERNAME, PASSWORD, EMAIL, POSITION, ACTIVE, MEMBER) VALUES (NULL, {$_POST['register_username']}, {md5($_POST['register_password']}), {$_POST['register_email']}, '0', '0', '0');)";

BECOMES

$md5p = md5($_POST['register_password']); 

$sql="INSERT INTO letohost_user.player SET `USERNAME` = '{$_POST['register_username']}', `PASSWORD` = '$md5p', `EMAIL` = '{$_POST['register_email']}', `POSITION` = 0, `ACTIVE` = 0, `MEMBER` = 0";

I'm not saying that this is better, just an option. I usually echo out the statement to find any obvious errors:

echo $sql;

In addition, if I get an error, but can't see the issue, I'll paste the echoed statement into my DB GUI (sqlYOG or phpmyadmin) SQL box and run it there. I tweak the SQL manually until I get it to work before returning to the php for adjustments. Just my two-penneth worth.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.