Solved

PHP INSERT Query Statement Issue...

Posted on 2012-03-22
7
371 Views
Last Modified: 2012-03-22
I am getting an error message when trying to insert data into my database using the INSERT query that reads:
"There was an error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 320, 'Testing', 0, 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Na' at line 1"

The following is the statement I am using...
<?php
	if(isset($_POST['subticket'])) {
		$postsub = str_replace("'", "&#8217;", $_POST["sub"]);
		$postname = str_replace("'", "&#8217;", $_POST["fname"]);
		$postemail = str_replace("'", "&#8217;", $_POST["email"]);
		$postexten = $_POST['extension'];
		$postissue = str_replace("'", "&#8217;", $_POST["desc"]);
		$postinfo = str_replace("'", "&#8217;", $_POST["exinfo"]);
		
		if ($postsub != "" && $postname != "" && $postemail != "" && $postexten != "" && $postissue != "" && $postinfo != "") {
			$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES (" . $_POST['uid'] . ", $postexten, '$postsub', " . $_POST['level'] . ", '$postissue', '$postinfo', " . $_POST['stat'] . ")";
			$insert_result = mysql_query($insert_query, $connection);
			if ($insert_result) {
			$hdaddsuccess = 1;	
			
			$to = "helpdesk@norrishomefurnishings.com, " . $postemail;
			$from = "helpdesk@norrishomefurnishings.com";
			$hdemail_query = "SELECT * FROM hdticket ORDER BY id DESC LIMIT 1";
			$hdemail_result = mysql_query($hdemail_query, $connection);
			while ($hdemail = mysql_fetch_array($hdemail_result)) {
			$subject = "Helpdesk Ticket #" . $hdemail['id'] . " Updated: " . $hdemail['sub'] . "";
			$message = "<strong>PLEASE SAVE THIS INFORMATION UNTIL YOUR TICKET HAS BEEN SUCCESSFULLY CLOSED!</strong><br /><strong>ID: </strong>" . $hdemail['id'] . "<br /><strong>FULL NAME: </strong>" . $postname . "<br /><strong>EMAIL: </strong>" . $postemail . "<br /><strong>EXTENSION: </strong>" . $postext . "<br /><br /><strong>MESSAGE: </strong>" . $postissue . "<br /><br /><strong>EXTRA INFO: </strong>" . $postinfo;
			}
			$headers = "From: Norris Portal Help Desk <helpdesk@norrishomefurnishings.com>\r\n";
			$headers .= "Reply-To: ". strip_tags($from) . "\r\n";
			$headers .= "CC: anegron@norrishomefurnishings.com\r\n";
			$headers .= "MIME-Version: 1.0\r\n";
			$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
			
				if ($from != "" && $to != "" && $subject != "" && $message != "") {
					if (mail($to, $subject, $message, $headers)) {
						$mailsuccess = 1;
					} else {
						$mailfail = 1; die("There was an error: " . mysql_error());
					}
				} else {
					$mailfail = 1; die("There was an error: " . mysql_error());
				}
			
			} else {
			$hdaddfail = 1;	die("There was an error: " . mysql_error());
			}
		}
		
	}
?>

Open in new window


Your help in this matter is extremely appreciated. Thank you in advance!
0
Comment
Question by:Rumbananas
  • 3
  • 2
  • 2
7 Comments
 

Author Comment

by:Rumbananas
ID: 37754541
This issue starts at around line 11...
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 37754673
Hello,

What is your datatype for the extension and stat fields?  I noticed they do not have quotes around them on the INSERT statement so I assume it is a numeric datatype?
0
 

Author Comment

by:Rumbananas
ID: 37754721
The Query is getting hung up on the 'extension' field is set up as an integer in the database, as well as the 'stat' field. The extension '320' is supposed to be a phone extension, and the 'stat' field is drawing data from the form using the select field with numerical values.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 51

Expert Comment

by:HainKurt
ID: 37754724
put an echo after line 11

echo $insert_query

and post the value
0
 
LVL 51

Accepted Solution

by:
HainKurt earned 500 total points
ID: 37754732
or try to put ' everywhere :)

$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES ('" . $_POST['uid'] . "', '$postexten', '$postsub', '" . $_POST['level'] . "', '$postissue', '$postinfo', '" . $_POST['stat'] . "')";
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 37754784
Like Hain said, you can try quoting all of them, or just use proper concatenation.
$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES (".$_POST['uid'].",".$postexten.",'".$postsub."','". $_POST['level']."','".$postissue."', '".$postinfo."', ".$_POST['stat'].")";

Open in new window

0
 

Author Closing Comment

by:Rumbananas
ID: 37754866
Thank you so much, I have no idea why I didn't think of it, but it did and I can't be more grateful!
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blocking submission of a web-based form 6 20
How would I do a website like this? 5 56
maybe no no httpd.conf 6 47
PHP Query return divisible by 3 3 16
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question