1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Looking for some PHP help. error in your SQL syntax

Discussion in 'BlackHat Lounge' started by Oblivion13, Dec 13, 2011.

  1. Oblivion13

    Oblivion13 Regular Member

    Joined:
    Sep 7, 2011
    Messages:
    459
    Likes Received:
    249
    Hey All,

    I am new at PHP and I am trying to make a form post to the database and when I click on Submit, I am getting this error.

    Here is the post.php that I am using.

    Code:
    <?php
    // Pick up the form data and assign it to variables
    $id = $_POST['id'];
    $name = $_POST['name'];
    $model = $_POST['model'];
    $desc = $_POST['desc'];
    $image = $_POST['image'];
    
    
    // contact to database
    
    $connect = mysql_connect("localhost", "ADMIN", "PASS") or die ("Error , check your server connection.");
    
    mysql_select_db("DBNAME");
    
     
    
    //Get data in local variable
    
    $id=$_POST['id'];
    $name=$_POST['name'];
    $model=$_POST['model'];
    $desc=$_POST['desc'];
    $image=$_POST['image'];
     
    
    // check for null values
    
    if ($name==""  or $model=="")
    
    echo "All fields must be entered, hit back button and re-enter information";
    
    else{
    
    $query="INSERT INTO new_equip(id, name, model, desc, image) 
    VALUES('$id','$name','$model','$desc','$image')";
    
    
    
    mysql_query($query)  or die(mysql_error());
    
    
    }
    
    // Redirect
    header("Location: Admin_AddListing.php");
    
    ?>
    I am running PHP Version 5.2.17


    If anyone can help me with this I would sure appreciate it. I have been searching and trying to fix it for over 2 hrs now.
     
    Last edited: Dec 13, 2011
  2. bastienvans

    bastienvans Newbie

    Joined:
    May 3, 2009
    Messages:
    20
    Likes Received:
    2
    Use backticks in your query.

    $query="INSERT INTO new_equip(`id`, `name`, `model`, `desc`, `image`) VALUES('$id','$name','$model','$desc','$image')";
     
    • Thanks Thanks x 1
  3. Oblivion13

    Oblivion13 Regular Member

    Joined:
    Sep 7, 2011
    Messages:
    459
    Likes Received:
    249
    That did it, And the funny part is I did that but I used the ' not the `

    I sure appreciate it. Just learning php, what a learning curve.
     
  4. bastienvans

    bastienvans Newbie

    Joined:
    May 3, 2009
    Messages:
    20
    Likes Received:
    2
    You're welcome. :)
     
  5. madoctopus

    madoctopus Supreme Member

    Joined:
    Apr 4, 2010
    Messages:
    1,249
    Likes Received:
    3,498
    Occupation:
    Full time IM
    desc (stands for descending) is a reserved word in sql - used with 'order by' (e.g. order by colname desc)

    you use regular quotes or doublequotes for values and backticks for column names if they're the same with a reserved word