Jason
Reputation: 603
Array values in SQL query?
$sql = mysql_query("INSERT INTO `users` VALUES(
'',
'$form['name']',
'$form['saddress']',
'$form['apt']',
'$form['zip']',
'$form['homephone']',
'$form['cellphone']',
'$form['email']',
'$form[' ']',
'$form['city']',
'$form['state']',
'$form['country']',
'$salt','$hash',
'$form['username']'
)");
How would I make that work? It's giving me Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING
Upvotes: 1
Views: 587
Answers (3)
Nexerus
Reputation: 1088
Either by removing the single quotes from the $form['x'] or by doing something like:
mysql_query("INSERT INTO x VALUES(
'" . mysql_real_escape_string($form['x']) . "',
'" . mysql_real_escape_string($form['x']) . "'
");
Notice that there are double quotes inside the single quotes.
Upvotes: 1
Stephen
Reputation: 18984
This is a classic problem that stems from PHP's ability to parse strings for variables, which can get confusing. I prefer to keep my variables outside of the strings, and concatenate when needed.
Here's what I would do:
$sql = mysql_query("INSERT INTO `users` VALUES('" .
implode("','", array(
"",
$form['name'],
$form['saddress'],
$form['apt'],
$form['zip'],
$form['homephone'],
$form['cellphone'],
$form['email'],
$form[' '],
$form['city'],
$form['state'],
$form['country'],
$salt,
$hash,
$form['username']
)) . "')";
);
Upvotes: 0
Rusty Fausak
Reputation: 7525
Try using curly brackets around the variables, like this:
..
'{$form['name']}',
'{$form['saddress']}',
..
Upvotes: 2