error with mysql query syntax
Question
"INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date) VALUES (".$category_id.", '$poster_id', '$topic_title', '$message', NOW()";
mysql_error() says that there is a problem with the syntax, however it might be something else. I'm gonna post the variables just so you know where they come from.
$message = $_POST['topic_message'];
$topic_title = $_POST['topic_title'];
$category_id = $_GET['id'];
EDIT Changed it to
$topic_sql = "INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date) VALUES (".$category_id.", '$poster_id', '$username', '$topic_title', '$message', NOW())";
However it still doesn't work...
3 answers
solution1
2 2013-10-08 17:39:44
You're missing the closing paren for VALUES :
... NOW())";
There are other issues:
- The parameter count is incorrect
- Your query is vulnerable to injection since you are not using parameterized queries with PDO/mysqli
solution2
1 2013-10-08 17:39:48
Maybe you list 6 columns but only give data for 5? And missing closing ).
solution3
1 2013-10-08 17:41:11
Looks like you're missing a closing parenthesis and only inserting 5 values into 6 columns...
INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date)
VALUES (".$category_id.", '$poster_id', '$username', '$topic_title', '$message', NOW())
You missing the user name?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.