pixelJockey
Reputation: 321
SQL Errors on Database Insert
I am getting an SQL syntax Error but can't seem to find the source as the code seems correct (to me).
The Error:
Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= 'test' , date = '2012-12-05' , trunk = '' , introduction = '' , title_gallery ' at line 3
The Code:
<?php include("../inc/approve-admin.php"); ?>
<?php include("../inc/connect.php"); ?>
<?php include('class.upload.php'); ?>
<?php
$filePath = "../images";
$dir_dest = $filePath;
$dir_pics = (isset($_GET['pics']) ? $_GET['pics'] : $dir_dest);
?>
<!DOCTYPE HTML>
<?php
$PageTitle = "Fashion Franchise Admin | Add Record";
$description = "Fashion Franchise";
$keywords = "Fashion Franchise";
$body = "home";
require "../inc/header.php";
?>
<script src="../js/jquery.validate.js" type="text/javascript"></script>
<!-- for styling the form -->
<script src="../js/cmxforms.js" type="text/javascript"></script>
<script type="text/javascript">
$(document).ready(function() {
$("#addResource").validate();
});
</script>
<script type="text/javascript" src="../js/tiny_mce/tiny_mce.js" ></script>
<script type="text/javascript">
tinyMCE.init({
mode : "textareas",
editor_deselector : "mceNoEditor"
});
</script>
<body id="<?php echo htmlentities("$body") ?>">
<div class="container_12">
<!-- Nav -->
<?php include("../inc/nav-admin.php"); ?>
<!-- / Nav -->
<div class="grid_12"> </div>
<div class="grid_12"> </div>
<!-- Adimn List -->
<?php include("../inc/admin-list.php"); ?>
<!-- / Adimn List -->
<div class="grid_7" id="white" style="min-height:400px">
<p style="text-align:center;padding-top:20px;">
<?
if(isset($_POST['title'])) {
if(isset($_POST['gallery_1'])) {
$gallery_1_to_insert = mysql_real_escape_string($_POST['gallery_1']);
}
if(isset($_POST['gallery_2'])) {
$gallery_2_to_insert = mysql_real_escape_string($_POST['gallery_2']);
}
if(isset($_POST['gallery_3'])) {
$gallery_3_to_insert = mysql_real_escape_string($_POST['gallery_3']);
}
if(isset($_POST['gallery_4'])) {
$gallery_4_to_insert = mysql_real_escape_string($_POST['gallery_4']);
}
if(isset($_POST['gallery_5'])) {
$gallery_5_to_insert = mysql_real_escape_string($_POST['gallery_5']);
}
if(isset($_POST['download_1'])) {
$download_1_to_insert = mysql_real_escape_string($_POST['download_1']);
}
if(isset($_POST['download_2'])) {
$download_2_to_insert = mysql_real_escape_string($_POST['download_2']);
}
if(isset($_POST['download_3'])) {
$download_3_to_insert = mysql_real_escape_string($_POST['download_3']);
}
$title_to_insert = mysql_real_escape_string($_POST['title']);
$title_gallery_to_insert = mysql_real_escape_string($_POST['title_gallery']);
$date_to_insert = stripslashes($_POST['date']);
$trunk_to_insert = mysql_real_escape_string($_POST['trunk']);
$introduction_to_insert = mysql_real_escape_string($_POST['introduction']);
$download_1_title_to_insert = mysql_real_escape_string($_POST['download_1_title']);
$download_2_title_to_insert = mysql_real_escape_string($_POST['download_2_title']);
$download_3_title_to_insert = mysql_real_escape_string($_POST['download_3_title']);
$dropbox_title_to_insert = mysql_real_escape_string($_POST['dropbox_title']);
$dropbox_info_to_insert = mysql_real_escape_string($_POST['dropbox_info']);
$dropbox_link_to_insert = mysql_real_escape_string($_POST['dropbox_link']);
$video_title_to_insert = mysql_real_escape_string($_POST['video_title']);
$video_to_insert = mysql_real_escape_string($_POST['video']);
$id = (int)$id; // Cast this as an integer to also make it safe
$handle = new Upload($_FILES['gallery_1']);
if ($handle->uploaded) {
$handle->file_max_size = 4000000;
$handle->image_resize = true;
$handle->image_ratio = true;
$handle->image_ratio_crop = true;
$handle->image_y = 407;
$handle->image_x = 460;
$handle->allowed = array('image/pjpeg','image/jpeg', 'image/jpg');
$handle->Process($dir_dest);
if ($handle->processed) {
echo 'issue image 1 uploaded ' . round(filesize($handle->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$gallery_1 = $dir_pics.'/' . $handle->file_dst_name ;
} else {
echo ' the following error occurred while uploading image 1<br />';
echo ' Error: ' . $handle->error . '<br /><br />';
}
$handle-> Clean();
}
$handle2 = new Upload($_FILES['gallery_2']);
if ($handle2->uploaded) {
$handle2->file_max_size = 4000000;
$handle2->image_resize = true;
$handle2->image_ratio = true;
$handle2->image_ratio_crop = true;
$handle2->image_y = 307;
$handle2->image_x = 460;
$handle2->allowed = array('image/pjpeg','image/jpeg', 'image/jpg');
$handle2->Process($dir_dest);
if ($handle2->processed) {
echo 'issue image 2 uploaded ' . round(filesize($handle2->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$gallery_2 = $dir_pics.'/' . $handle2->file_dst_name ;
} else {
echo ' the following error occurred while uploading image 2<br />';
echo ' Error: ' . $handle2->error . '<br /><br />';
}
$handle2-> Clean();
}
$handle3 = new Upload($_FILES['gallery_3']);
if ($handle3->uploaded) {
$handle3->file_max_size = 4000000;
$handle3->image_resize = true;
$handle3->image_ratio = true;
$handle3->image_ratio_crop = true;
$handle3->image_y = 307;
$handle3->image_x = 460;
$handle3->allowed = array('image/pjpeg','image/jpeg', 'image/jpg');
$handle3->Process($dir_dest);
if ($handle3->processed) {
echo 'issue image 3 uploaded ' . round(filesize($handle3->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$gallery_3 = $dir_pics.'/' . $handle3->file_dst_name ;
} else {
echo ' the following error occurred while uploading image 3<br />';
echo ' Error: ' . $handle3->error . '<br /><br />';
}
$handle3-> Clean();
}
$handle4 = new Upload($_FILES['gallery_4']);
if ($handle4->uploaded) {
$handle4->file_max_size = 4000000;
$handle4->image_resize = true;
$handle4->image_ratio = true;
$handle4->image_ratio_crop = true;
$handle4->image_y = 307;
$handle4->image_x = 460;
$handle4->allowed = array('image/pjpeg','image/jpeg', 'image/jpg');
$handle4->Process($dir_dest);
if ($handle4->processed) {
echo 'main image for issue uploaded ' . round(filesize($handle4->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$gallery_4 = $dir_pics.'/' . $handle4->file_dst_name ;
} else {
echo ' the following error occurred while uploading the main image<br />';
echo ' Error: ' . $handle4->error . '<br /><br />';
}
$handle4-> Clean();
}
$handle5 = new Upload($_FILES['gallery_5']);
if ($handle5->uploaded) {
$handle5->file_max_size = 4000000;
$handle5->image_resize = true;
$handle5->image_ratio = true;
$handle5->image_ratio_crop = true;
$handle5->image_y = 307;
$handle5->image_x = 460;
$handle5->allowed = array('image/pjpeg','image/jpeg', 'image/jpg');
$handle5->Process($dir_dest);
if ($handle5->processed) {
echo 'map image for issue uploaded ' . round(filesize($handle5->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$gallery_5 = $dir_pics.'/' . $handle5->file_dst_name ;
} else {
echo ' the following error occurred while uploading the map image<br />';
echo ' Error: ' . $handle5->error . '<br /><br />';
}
$handle5-> Clean();
}
$handle6 = new Upload($_FILES['download_1']);
if ($handle6->uploaded) {
$handle6->file_max_size = 4000000;
$handle6->allowed = array('application/*', 'image/*');
$handle6->Process($dir_dest);
if ($handle6->processed) {
echo 'download one uploaded' . round(filesize($handle6->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$download_1 = $dir_pics.'/' . $handle6->file_dst_name ;
} else {
echo ' the following error occurred while uploading download one<br />';
echo ' Error: ' . $handle6->error . '<br /><br />';
}
$handle6-> Clean();
}
$handle7 = new Upload($_FILES['download_2']);
if ($handle7->uploaded) {
$handle->file_max_size = 4000000;
$handle->allowed = array('application/*', 'image/*');
$handle7->Process($dir_dest);
if ($handle7->processed) {
echo 'download two uploaded' . round(filesize($handle7->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$download_2 = $dir_pics.'/' . $handle7->file_dst_name ;
} else {
echo ' the following error occurred while uploading download two<br />';
echo ' Error: ' . $handle7->error . '<br /><br />';
}
$handle7-> Clean();
}
$handle8 = new Upload($_FILES['download_3']);
if ($handle8->uploaded) {
$handle->file_max_size = 4000000;
$handle->allowed = array('application/*', 'image/*');
$handle8->Process($dir_dest);
if ($handle8->processed) {
echo 'download three uploaded' . round(filesize($handle8->file_dst_pathname)/256)/4 . 'KB<br /><br />';
$download_3 = $dir_pics.'/' . $handle8->file_dst_name ;
} else {
echo ' the following error occurred while uploading download three<br />';
echo ' Error: ' . $handle8->error . '<br /><br />';
}
$handle8-> Clean();
}
$query = mysql_query("INSERT INTO news (
id,
title = '$title_to_insert' ,
date = '$date_to_insert' ,
trunk = '$trunk_to_insert' ,
introduction = '$introduction_to_insert' ,
title_gallery = '$title_gallery_to_insert' ,
gallery_1 = '$gallery_1_to_insert' ,
gallery_2 = '$gallery_2_to_insert' ,
gallery_3 = '$gallery_3_to_insert' ,
gallery_4 = '$gallery_4_to_insert' ,
gallery_5 = '$gallery_5_to_insert' ,
download_1 = '$download_1_to_insert' ,
download_2 = '$download_2_to_insert' ,
download_3 = '$download_3_to_insert' ,
download_1_title = '$download_1_title_to_insert' ,
download_2_title = '$download_2_title_to_insert' ,
download_3_title = '$download_3_title_to_insert' ,
dropbox_title = '$dropbox_title_to_insert' ,
dropbox_info = '$dropbox_info_to_insert' ,
dropbox_link = '$dropbox_link_to_insert' ,
video_title = '$video_title_to_insert' ,
video = '$video_to_insert'
) VALUES
(NULL,
'$title_to_insert' ,
'$title_gallery_to_insert' ,
'$date_to_insert' ,
'$trunk_to_insert' ,
'$introduction_to_insert',
'$gallery_1_to_insert',
'$gallery_2_to_insert',
'$gallery_3_to_insert',
'$gallery_4_to_insert',
'$gallery_5_to_insert',
'$download_1_to_insert',
'$download_2_to_insert',
'$download_3_to_insert',
'$download_1_title_to_insert',
'$download_2_title_to_insert',
'$download_3_title_to_insert',
'$dropbox_title_to_insert',
'$dropbox_info_to_insert',
'$dropbox_link_to_insert',
'$video_title_to_insert',
'$video_to_insert' );");
if($query) {
$message = $title . " has been added";
}else{
$message = "an error occurred while updating this entry";
die('Invalid query: ' . mysql_error());
}
}
?>
</p>
<? if(isset($_POST['title'])) { ?>
<div id="content_holder">
<p style="text-align:center;padding-top:20px;">
<strong><? echo $message; ?></strong><br/>
<span class="error"><? if($error_message) { echo $error_message; } ?></span>
Add another <a href="add.php">Record/Item</a></p>
<!-- end content_holder -->
</div>
<? }else{ ?>
<h1 style="padding:10px;">Add News Record</h1>
<form action="add_news.php" enctype="multipart/form-data" name="addResource" id="addResource" method="post" class="cmxform">
<table cellpadding="10px;" cellspacing="5" width="100%" align="left" valign="top">
<tr><td colspan="2" align="right"><label>*Required Fields</label></tr>
<tr>
<td width="50%">
<span class="formTitle">General Information</span><br/><br/>
<label>*Title</label><br/>
<input id="title" name="title" class="required" />
</td>
<td width="50%"><br/><br/>
<label>*Date</label><br/>
<input id="date" name="date" class="required"/>
</td>
</tr>
<tr><td colspan="2">
<label>*Brief News Summary (*200 Characters or Less)</label><br/>
<p class="smallGrey">Used for list display</p><br/>
<textarea class="mceNoEditor" id="trunk" name="trunk" style="width: 510px; height: 200px; font-size: 12px;" class="required"/></textarea>
</td></tr>
<tr><td colspan="2">
<label>News Article Content</label><br/>
<p class="smallGrey">*Basic font styling only for best display</p><br/>
<textarea style="width: 510px; height: 300px; font-size: 12px; overflow: auto;" id="introduction" name="introduction"></textarea>
</td></tr>
<tr>
<td colspan="2">
<hr/>
</td>
</tr>
<tr>
<td>
<table width="100%" align="left" valign="top">
<tr><td><span class="formTitle">Add Gallery Images</span></td></tr>
<tr><td><p class="smallGrey">*Ideal picture size is 460px by 307px (Landscape). Larger Images will be cropped to these proportions.</p></td></tr>
<tr><td><label>Gallery Title/Name</label><br/><input id="title_gallery" name="title_gallery" /></td></tr>
<tr><td><label>Image #1</label><br/><input type="file" id="gallery_1" name="gallery_1" /></td></tr>
<tr><td><label>Image #2</label><br/><input type="file" id="gallery_2" name="gallery_2" /></td></tr>
<tr><td><label>Image #3</label><br/><input type="file" id="gallery_3" name="gallery_3" /></td></tr>
<tr><td><label>Image #4</label><br/><input type="file" id="gallery_4" name="gallery_4" /></td></tr>
<tr><td><label>Image #5</label><br/><input type="file" id="gallery_5" name="gallery_5" /></td></tr>
</table>
</td>
<td valign="top">
<span class="formTitle">Video Embed</span><br/>
<label>Video Title</label><br/><input id="video_title" name="video_title" /><br/><br/>
<p class="smallGrey">*Be sure to set the video width to "460" for proper display.</p><br/>
<label>Video Embed Code</label><br/>
<textarea class="mceNoEditor" id="video" name="video"/></textarea>
</td>
</tr>
<tr>
<td colspan="2">
<hr/>
</td>
</tr>
<tr><td>
<table width="100%" align="left" valign="top">
<span class="formTitle">Add Downloads</span><br/>
<tr><td><p class="smallGrey">*5MB Max File Upload Size. Acceptable document types: PDF, Word and Excel</p></td></tr>
<tr><td><label>Download Title One</label><br/><input id="download_1_title" name="download_1_title" /></td></tr>
<tr><td><label>Download One</label><br/><input type="file" id="download_1" name="download_1" /></td></tr>
<tr><td><label>Download Title Two</label><br/><input id="download_2_title" name="download_2_title" /></td></tr>
<tr><td><label>Download Two</label><br/><input type="file" id="download_2" name="download_2" /></td></tr>
<tr><td><label>Download Title Three</label><br/><input id="download_3_title" name="download_3_title" /></td></tr>
<tr><td><label>Download Three</label><br/><input type="file" id="download_3" name="download_3" ></td></tr>
</table>
</td>
<td valign="top">
<span class="formTitle">Add Dropbox</span><br/>
<label>Dropbox Title</label><br/>
<input id="dropbox_title" name="dropbox_title" />
<br/><br/>
<label>Dropbox Description</label><br/>
<input id="dropbox_info" name="dropbox_info" />
<br/><br/>
<label>Dropbox Link (No http://)</label><br/>
<input id="dropbox_link" name="dropbox_link" />
</td></tr>
<tr>
<td colspan="2">
<hr/>
</td>
</tr>
<tr><td colspan="2" align="right">
<p class="smallGrey">*Depending on the number and size of files being uploaded it might take awhile for the browser to process your request. Please only click the submit button once.</p><br/>
<input type="submit" value="Add Record" class="submit" /> <a href="index.php" class="cancel">Cancel</a><br/><br/>
</td></tr>
</table>
</form>
<?php
}mysql_close();
?>
</div>
<?php include("../inc/footer.php"); ?>
<!-- / Container_12 -->
</div>
</body>
</html>
Upvotes: 0
Views: 114
Answers (1)
koopajah
Reputation: 25552
You query is not properly constructed.
It should be something like this :
INSERT INTO news (id, title, date, ...) VALUES ($id, '$title', '$date', ...)"
But the problem is that you have your values in the part VALUES (...) but you also put them for no reason in the first part.
You also should stop using mysql_*() as they are deprecated and look mysqli to properly construct your queries.
Upvotes: 4