CODEWITHSUNDEEP
phpmysql
Dmitry Makovetskiyd
Dmitry Makovetskiyd

Reputation: 7053

Insert error in mysql/php

I have got this function:

   public static function insert_user($user)
{
    $con = mysql_connect("localhost","root","") or die(mysql_error());
    mysql_select_db("speakom",$con) or die(mysql_error());
    mysql_query("INSERT INTO user (user_ip,user_name,full_name,email_address,password,gender,birthday,banned,role,country) 
        VALUES('".$user->ip."','".$user->name."','".$user->full_name."','".$user->email."','".$user->password."',".$user->gender.",'".$user->birthday."',".$user->banned.",".$user->role.",'".$user->country."'") or die(mysql_error());
    mysql_close($con);
}

And I get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2

Where does the error point to ? how do I know where the error is?

Upvotes: 0

Views: 67

Answers (5)

Ja͢ck
Ja͢ck

Reputation: 173552

Instead of yelling you should use PDO and prepared statements, here's the answer in PDO style:

$con = new PDO('mysql:host=localhost;dbname=speakom', 'root', ''); // optionally add encoding options
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // enable exception throwing
$stmt = $db->prepare('INSERT INTO user (user_ip, user_name, full_name, email_address, password, gender, birthday, banned, role, country) 
    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
$stmt->execute(array(
    $user->ip, $user->name, $user->full_name, $user->email, $user->password, 
    $user->gender, $user->birthday, $user->banned, $user->role, $user->country,
));

Disclaimer didn't test this, but it should give you a good idea :)

Upvotes: 2

Chibuzo
Chibuzo

Reputation: 6117

Some of the values you want to insert are not in quote, and you missed the closing ) for VALUES. Try this

mysql_query("INSERT INTO user (user_ip,user_name,full_name,email_address,password,gender,birthday,banned,role,country) 
    VALUES('$user->ip', '$user->name','$user->full_name', '$user->email', '$user->password', '$user->gender', '$user->birthday', '$user->banned', '$user->role', '$user->country')") or die(mysql_error());

Upvotes: 1

Leri
Leri

Reputation: 12535

VALUES('".$user->ip."','".$user->name."','".$user->full_name."','".$user->email."','".$user->password."',".$user->gender.",'".$user->birthday."',".$user->banned.",".$user->role.",'".$user->country."'"

You are missing ) at the end. By the way, use PDO or mysqli.

Upvotes: 1

triclosan
triclosan

Reputation: 5714

would you run 

echo "INSERT INTO user (user_ip,user_name,full_name,email_address,password,gender,birthday,banned,role,country)      VALUES('".$user->ip."','".$user->name."','".$user->full_name."','".$user->email."','".$user->password."',".$user->gender.",'".$user->birthday."',".$user->banned.",".$user->role.",'".$user->country."'";

and i advise you to use `user` instead of user

Upvotes: 1

eggyal
eggyal

Reputation: 125855

You're missing the closing ) from the VALUES ( clause. In general, it's easier to assign your SQL to a variable (which you can output for debugging purposes like this) prior to passing it to mysql_query.

Upvotes: 3

Related Questions