The forums have permanently moved to This forum will be kept around in read-only mode for archival purposes. To learn how to continue using your existing account on the new forums, check out this thread.

Results 1 to 8 of 8

Thread: mysql_query

  1. #1


    im starting to learn how to interact with mysql with php. but i keep getting an error from this line of code

    mysql_query("INSERT INTO sm2lvls('user','level','rating')VALUES($Suser,$Sle vel,$Srating)")or die(mysql_error());

    the error is

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''user','level','rating')VALUES(,,)' at line 1
    Zed Town- zombie killing game
    moar games at NPGAM.ES

  2. #2
    PHP Code:
    $Sle vel ==> $Slevel 
    Remove the space between this variable. Variables cannot have spaces. "Vel" will be interpreted as a constant, which you probably don't have defined and have no cause to define.

    If that doesn't work, I believe all values need to be wrapped in quotes.

    PHP Code:
    And I've never put quotes around the table columns before....

    PHP Code:
    INSERT INTO tableName(column1column2
    Last edited by NeoDreamer; September 3rd, 2009 at 12:32 PM.

  3. #3
    ^ Definitely try that. Although if the values are variables, I don't think they need to be in quotes, do they? The string value of the variable should already have "quotes".
    Proud Montanadian
    You want a toe? I can get you a toe... Hell, I can get you a toe by three o'clock this afternoon, with nail polish.

  4. #4
    i must have added the space on accident when pasting. its not in the actual code

    i wrapped the variables in quotes, that didnt work.

    and do you mean remove the quotes, so it looks like this
    mysql_query(INSERT INTO sm2lvls('user','level','rating')VALUES('$Suser','$Slevel','$Srating'))or die(mysql_error());
    or something else because then i get a parse error
    Last edited by npgames; September 3rd, 2009 at 01:36 PM.
    Zed Town- zombie killing game
    moar games at NPGAM.ES

  5. #5

    mysql_query("INSERT INTO sm2lvls(user,level,rating)VALUES('$Suser','$Slevel','$Srating')")or die(mysql_error());
    Zed Town- zombie killing game
    moar games at NPGAM.ES

  6. #6
    Be careful to never use user-input variables directly in your queries. Unless you are 100% certain that a variable cannot cause any SQL injection vulnerabilities, you must always apply mysql_real_escape_string to them before inserting them into query strings. Even better would be to use prepared statements, as they take care of this for you automatically.

    Google "PHP SQL injection", you'll find plenty of information on the subject.
    Wait, what?

  7. #7
    wow thanks for the info.
    Zed Town- zombie killing game
    moar games at NPGAM.ES

  8. #8
    just to check, this is how it works right

    $Sid = $HTTP_POST_VARS["Id"];
    Zed Town- zombie killing game
    moar games at NPGAM.ES

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Home About Meet the Moderators Advertise

 Link to Us


Copyright 1999 - 2012