I am having trouble with using an old MySQL command from a website.
INSERT INTO
users(user_name, user_pass, user_email ,user_date, user_level)
VALUES('" . mysql_real_escape_string($_POST['user_name']) . "',
'" . sha1($_POST['user_pass']) . "',
'" . mysql_real_escape_string($_POST['user_email']) . "',
NOW(),
0);
It returns with this error.
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'user_name']) . "',
'" . sha1($_POST['user_pass']) . "',
'" . mys' at line 3
The article on the website was from May of 2010 so that might be a reason why it isn't working. Here is the website: http://code.tutsplus.com/tutorials/how-to-create-a-phpmysql-powered-forum-from-scratch--net-10188 . If you need anymore information I will edit this question.
You need to escape the single quotes within your values (after each POST[ ).
INSERT INTO
users(user_name, user_pass, user_email ,user_date, user_level)
VALUES('" . mysql_real_escape_string($_POST[''user_name'']) . "',
'" . sha1($_POST[''user_pass'']) . "',
'" . mysql_real_escape_string($_POST[''user_email'']) . "',
NOW(),
0);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.