CODEWITHSUNDEEP
phpsqlpostgresql
MrEnder
MrEnder

Reputation: 275

PHP error can't figure it out something to do with SQL stuff I think

Ok the error is showing up somewhere in this here code

    if($error==false) {

        $query = pg_query("INSERT INTO chatterlogins(firstName, lastName, gender, password, ageMonth, ageDay, ageYear, email, createDate) VALUES('$firstNameSignup', '$lastNameSignup', '$genderSignup', md5('$passwordSignup'), $monthSignup, $daySignup, $yearSignup, '$emailSignup', now());");
        $query = pg_query("INSERT INTO chatterprofileinfo(email, lastLogin) VALUES('$email', now())";);
        $_SESSION['$userNameSet'] = $email;
        header('Location: signup_step2.php'.$rdruri);

    }

anyone see what I did wrong??? sorry for being so unspecific but ive been staring at it for 10 mins and I can't figure it out.

Upvotes: 1

Views: 104

Answers (3)

VolkerK
VolkerK

Reputation: 96199

When the query fails pg_query() returns false. pg_last_error() returns the error message of the last operation.
Hopefully all those variables -$firstNameSignup, $lastNameSignup, $genderSignup ... except $passwordSignup- have been properly escaped via pg_escape_string()

if($error==false) {
  $query = "
    INSERT INTO
      chatterlogins
      (
        firstName, lastName, gender, password,
        ageMonth, ageDay, ageYear, email, createDate
      )
      VALUES
      (
        '$firstNameSignup', '$lastNameSignup', '$genderSignup', md5('$passwordSignup'),
        $monthSignup, $daySignup, $yearSignup, '$emailSignup', now()
      )
  ";
  echo '<pre>Debug: query=', htmlspecialchars($query) , '</pre>';
  $rc = pg_query($query);
  if ( !$rc ) {
    die('pg_query failed: ' . htmlspecialchars(pg_last_error()) );
  }


  $query = "
    INSERT INTO
      chatterprofileinfo
      (email, lastLogin)
    VALUES
      ('$email', now())
  ";
  echo '<pre>Debug: query=', htmlspecialchars($query) , '</pre>';
  $rc = pg_query($query);
  if ( !$rc ) {
    die('pg_query failed: ' . htmlspecialchars(pg_last_error()) );
  }

  $_SESSION['$userNameSet'] = $email;
  header('Location: signup_step2.php'.$rdruri);
}

Upvotes: 0

GSto
GSto

Reputation: 42380

in your example, monthSignup, daySignup, and yearSignup aren't quoted.

Upvotes: 0

Ayman Hourieh
Ayman Hourieh

Reputation: 137436

$query = pg_query("INSERT INTO chatterprofileinfo(email, lastLogin) VALUES('$email', now())";);

The semicolon (;) near the end is misplaced. It should be inside the string:

$query = pg_query("INSERT INTO chatterprofileinfo(email, lastLogin) VALUES('$email', now());");

Upvotes: 2

Related Questions