Reputation: 39
PHP Check Session if one has privilege
I'm working on a MySQL Query to create a product in the database but I'm getting an error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, fprice, inkoop, image, author, html) VALUES('1', 'bronze 5 - bronze 4', '1' at line 1
I have Googled it but can't find any problem in my code:
<?php
if(isset($_POST['submit'])) {
$shopid1 = $_POST['productid'];
$prodname1 = $_POST['productname'];
$desc1 = $_POST['desc'];
$fprice1 = $_POST['fprice'];
$price1 = $_POST['price'];
$inkoop1 = $_POST['inkoop'];
$image1 = $_POST['image'];
$qty1 = $_POST['qty'];
$html1 = $_POST['html'];
$author1 = $_SESSION['name'];
mysql_query("INSERT INTO products(shopid, name, qty, price, desc, fprice, inkoop, image, author, html) VALUES('$shopid1', '$prodname1', '$qty1', '$price1', '$desc1', '$fprice1', '$inkoop1', '$image1', '$author1', '$html1')", $conn)
or die(mysql_error());
Header("Location: products.php");
} else {
}
?>
Hope someone can diagnose my problem! Thanks!
Upvotes: 0
Views: 144
Answers (3)
Reputation: 805
Try to escape the keyword (desc) in your query
<?php
if(isset($_POST['submit'])) {
$shopid1 = $_POST['productid'];
$prodname1 = $_POST['productname'];
$desc1 = $_POST['desc'];
$fprice1 = $_POST['fprice'];
$price1 = $_POST['price'];
$inkoop1 = $_POST['inkoop'];
$image1 = $_POST['image'];
$qty1 = $_POST['qty'];
$html1 = $_POST['html'];
$author1 = $_SESSION['name'];
mysql_query("INSERT INTO products(shopid, name, qty, price, `desc`, fprice, inkoop, image, author, html) VALUES('$shopid1', '$prodname1', '$qty1', '$price1', '$desc1', '$fprice1', '$inkoop1', '$image1', '$author1', '$html1')", $conn)
or die(mysql_error());
Header("Location: products.php");
} else {
}
?>
You can also checkout the reserved key words so that you don't make another mistake next time MYSQL Reserved Keyword
Upvotes: 0
Reputation: 3488
desc is a keyword and it can be either used using backticks or rename it in the database (if possible). Try as below :
INSERT INTO products
(shopid, name, qty, price, `desc`, fprice, inkoop, image, author, html)
VALUES
('$shopid1', '$prodname1', '$qty1', '$price1', '$desc1', '$fprice1', '$inkoop1', '$image1', '$author1', '$html1')
Upvotes: 0
Reputation: 31739
desc is reserved keyword. Try with -
INSERT INTO products(shopid, name, qty, price, `desc`,.....
Or rename it accordingly.
Upvotes: 1
Related Questions
- How can I prevent SQL injection in PHP?
- How do you parse and process HTML/XML in PHP?
- Check if PHP session has already started
- Deleting an element from an array in PHP
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- How do I check if a string contains a specific word?
- How do I expire a PHP session after 30 minutes?
- How does PHP 'foreach' actually work?
- How do I get PHP errors to display?
- Why shouldn't I use mysql_* functions in PHP?