Inserting in MySQL Table Error
Question
I wonder is anyone can help me with this annoying problem. Trying to insert some data into a table. In the mean time, I want to leave out some fields and not insert something there. For some reason I'm getting Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING error. Is there something I'm doing wrong below?
Your help will be appreciated.
<?php
function sqlEscape($string){
return "'".mysql_real_escape_string($string)."'";
}
if( $_GET['location'] == ''
|| $_GET['name'] == ''
|| $_GET['school'] == ''
|| $_GET['reason'] == ''
|| $_GET['address'] == ''
|| $_GET['postcode'] == ''
|| $_GET['email'] == ''
|| $_GET['telephone'] == '') {
exit('You missed a value');
}
include('theConfig.php');
$con = mysql_connect($host, $username, $password) or die(mysql_error()) ;
if (!$con){
die('Could not connect: ' . mysql_error());
} mysql_select_db($db, $con); //$description = mysql_real_escape_string($_GET[description]);
$sql = sprintf('INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s,'','')',
sqlEscape($_GET['location']),
sqlEscape($_GET['name']),
sqlEscape($_GET['school']),
sqlEscape($_GET['reason']),
sqlEscape($_GET['address']),
sqlEscape($_GET['postcode']),
sqlEscape($_GET['email']),
sqlEscape($_GET['telephone']));
if (!mysql_query($sql,$con)){
die('Error: ' . mysql_error());
}
header('Location: thankyou.php');
mysql_close($con)
?>
4 answers
solution1
1 2011-09-27 01:00:04
You should have values set for town and county - or set with default value (empty string like the others):
$sql = sprintf("INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, '','','','')", ... )
Edit: Also - use double quotes to surround the first sprintf parameter as single quotes are used within...
solution2
0 2011-09-27 00:58:31
您可以在sprintf()调用中为字符串使用单引号,但也可以在字符串内部使用单引号。
solution3
0 ACCPTED 2011-09-27 01:01:37
$sql = sprintf('INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s,'','')',
You have '', '')' which is incorrect, b/c the first quote in this sequence closes the string, so it's actually three strings togather: 'INSERT ... ', then ', ', and then ')'. You must escape quotes in the string with backslash or use double quotes to enclose whole string:
(escaping)
$sql = sprintf('INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s,\'\',\'\')',
(using double quotes)
$sql = sprintf("INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s,'','')",
solution4
0 2011-09-27 01:02:39
Try changing
function sqlEscape($string){
return "'".mysql_real_escape_string($string)."'";
}
to
function sqlEscape($string){
return mysql_real_escape_string($string);
}
or better yet just throw it in your sprintf
$sql = sprintf('INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','','')',
mysql_real_escape_string($_GET['location']),
etc...
note I changed %s to '%s'
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.