I have the following code:

$fieldsClause = array();
$bindArray = array();
$fields = array('status','fname','middle','lname','address','city','state','zip','county','mailing','hphone','mphone','wphone','ext','fax','email','ethgroup','other1','occupation','poe','dob','gender','bhv','mrc','general','evv','allCounties','fillmore','johnson','otoe','richardson','seward','butler','gage','lancaster','pawnee','saline','thayer','cass','jefferspm','nemaha','polk','saunders','york','other2','aro','clergy','intskills','bus','child','law','cpr','data','security','emergency','computer','mechanical','administration','firstaid','translation','construction','basicclean','foodprep','animalcare','heavy','dataentry','identification','phone','runner','greeter','interviewer','safety','other2','interpt','cdl','cpryn','translate','other3','license1','verf1','num1','exp1','license2','verf2','num2','exp2','license3','verf3','num3','exp3','license4','verf4','num4','exp4','license5','verf5','num5','exp5','lsrd','syes','bcert','pauth','dist1','tdate1','dist2','tdate2','dist3','tdate3','dist4','tdate4','dist5','tdate5','felony','felonys','ename','erelation','ehphone','eaddress','ecity','ezip','hdyhau','bdesc','record');
foreach($fields as $field){
 if($san = filter_input(INPUT_POST, $field, FILTER_SANITIZE_STRING)) {
     $fieldClause[] = "`$field` = :$field";
     $bindArray[":field"] = $san;
$sql = "INSERT INTO volunDB(";
if (!empty($fieldClause)) $sqlF = implode(', ', $fieldClause);
$stmtString = $sql;
if(isset($sqlF)) {
    $stmtString .= $sqlF .")";
$dbh = new PDO('mysql:host=localhost;dbname=petrzilk_test;charset=utf8','petrzilk_dbAdmin', '');
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
echo $stmtString;
$stmt = $dbh->prepare($stmtString);

And I get an error:

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '= ?, fname = ?, middle = ?, lname = ?, address = ?, county = ?, ethgroup = ?, ge' at line 1' in /home/petrzilk/public_html/Database/testaddVolunteer.php:24 Stack trace: #0 /home/petrzilk/public_html/Database/testaddVolunteer.php(24): PDO->prepare('INSERT INTO vol...') #1 {main} thrown in /home/petrzilk/public_html/Database/testaddVolunteer.php on line 24

I am trying to simplify the following code: http://pastebin.com/8He9JYRt

I am going off of a code that diafol helped with. The code that is working that this is based off of is for searching. The code can be seen: http://pastebin.com/PE70ucux

Am I missing something huge here or am I just missing a minor detail. I've tried debugging, but I can't seem to figure out the exact problem. The only thing I could think of was if something like fname, lname, ... VALUES :fname, :lname, ... had to be done or if I can do the fname = :fname, lname = :lname, ...

Recommended Answers

All 3 Replies

Member Avatar

Show us what echo $stmtString gives.

After selected a bunch of Random values I got this:

INSERT INTO VolunDB(status, fname, middle, lname, address, city, state, county, mailing, hphone, mphone, wphone, ext, fax, email, ethgroup, other1, occupation, poe, dob, gender, mrc, general, otoe, pawnee, child, data, safety, license1, verf1, num1, exp1, lsrd, syes, bcert, pauth, dist2, record) VALUES (:status, :fname, :middle, :lname, :address, :city, :state, :county, :mailing, :hphone, :mphone, :wphone, :ext, :fax, :email, :ethgroup, :other1, :occupation, :poe, :dob, :gender, :mrc, :general, :otoe, :pawnee, :child, :data, :safety, :license1, :verf1, :num1, :exp1, :lsrd, :syes, :bcert, :pauth, :dist2, :record)

This was a edited verson where I changed it to the 'value' VALUES :value version instead of 'value' = :value

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.