Trying ti insert user name in database

Question

BilalAKhan 12 Newbie Poster

12 Years Ago

Hi,
Can anyone please tell me whats wrong with this piece of code? I am trying to insert email (user name)in the database. This thing is now getting on my nerves.

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = sprintf("INSERT INTO blog (title, specialization, message) VALUES (%s, %s, %s, ".$_SESSION['MM_Username'].")",
                       GetSQLValueString($_POST['title'], "text"),
                       GetSQLValueString($_POST['specialization'], "text"),
                       GetSQLValueString($_POST['words'], "text"));

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

This is producing the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@hotmail.com)' at line 1

Can anyone please help me with this piece of code? Any help will be highly appreciated.

Regards,

Bilal A. Khan

php

4 Contributors
8 Replies
197 Views
1 Day Discussion Span
Latest Post 12 Years Ago Latest Post by fobos

All 8 Replies

qazplm114477 14 Junior Poster

12 Years Ago

the problem lies with your query. You only have 3 fields specified but 4 values.

it should be something like this

INSERT INTO blog (title, specialization, message, user) VALUES (%s, %s, %s, ".$_SESSION['MM_Username'].")

I'm not sure what the field is for but replace user with what ever field you use.

simplypixie 123 Posting Pro in Training

12 Years Ago

Sorry, I forgot the ( ) around the values, so it should be

$insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES (' " . mysql_real_escape_string($_POST['title'])  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ')";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

Edited 12 Years Ago by simplypixie because: n/a

BilalAKhan commented: Solved my problem... thanx a million. +1

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

BilalAKhan 12 Newbie Poster · Answer 1 · 2011-12-20T02:57:56+00:00

the problem lies with your query. You only have 3 fields specified but 4 values.
it should be something like this
INSERT INTO blog (title, specialization, message, user) VALUES (%s, %s, %s, ".$_SESSION['MM_Username'].")
I'm not sure what the field is for but replace user with what ever field you use.

Hi,

Thank you very much for the reply. I tried the following but nothing happed. Getting the same error.

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = sprintf("INSERT INTO blog (title, specialization, message,email) VALUES (%s, %s, %s, ".$_SESSION['MM_Username'].")",
                       GetSQLValueString($_POST['title'], "text"),
                       GetSQLValueString($_POST['specialization'], "text"),
                       GetSQLValueString($_POST['words'], "text"));

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

Any other clues for this error? Still getting the error given below:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@hotmail.com)' at line 1

Regards,

Bilal A. Khan

simplypixie 123 Posting Pro in Training · Answer 2 · 2011-12-20T13:12:00+00:00

Why is you query so complex, simplify it to:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES ' " . mysql_real_escape_string($_POST['title')  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ' ";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());
}

BilalAKhan 12 Newbie Poster · Answer 3 · 2011-12-20T14:59:03+00:00

Why is you query so complex, simplify it to:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES ' " . mysql_real_escape_string($_POST['title')  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ' ";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());
}

Thank you very much for the reply. I am really grateful for your help. Tried your piece of code. The code is given below:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES ' " . mysql_real_escape_string($_POST['title'])  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ' ";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

It gives me an error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' Let us try ', ' Addiction ', '
Let us hope it works...

', ' fizza@hotma' at line 1

Why am I getting this error? What does this error mean?

Regards,

Bilal A. Khan

BilalAKhan 12 Newbie Poster · Answer 4 · 2011-12-20T16:31:31+00:00

Sorry, I forgot the ( ) around the values, so it should be

$insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES (' " . mysql_real_escape_string($_POST['title'])  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ')";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

Thanks a million mate.... it worked. You have been a great help for me.

Best Regards,

Bilal A, Khan

simplypixie 123 Posting Pro in Training · Answer 5 · 2011-12-20T16:38:15+00:00

simplypixie 123 Posting Pro in Training

12 Years Ago

No problem - please mark as solved.

fobos 19 Posting Whiz in Training · Answer 6 · 2011-12-21T01:39:05+00:00

Mark it solved BilalAKhan!! Its down near the bottom by the quick reply.

Trying ti insert user name in database

Recommended Answers Collapse Answers

All 8 Replies

Recommended Answers