Solved

PHP INSERT Query Statement Issue...

Posted on 2012-03-22
7
376 Views
Last Modified: 2012-03-22
I am getting an error message when trying to insert data into my database using the INSERT query that reads:
"There was an error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 320, 'Testing', 0, 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Na' at line 1"

The following is the statement I am using...
<?php
	if(isset($_POST['subticket'])) {
		$postsub = str_replace("'", "&#8217;", $_POST["sub"]);
		$postname = str_replace("'", "&#8217;", $_POST["fname"]);
		$postemail = str_replace("'", "&#8217;", $_POST["email"]);
		$postexten = $_POST['extension'];
		$postissue = str_replace("'", "&#8217;", $_POST["desc"]);
		$postinfo = str_replace("'", "&#8217;", $_POST["exinfo"]);
		
		if ($postsub != "" && $postname != "" && $postemail != "" && $postexten != "" && $postissue != "" && $postinfo != "") {
			$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES (" . $_POST['uid'] . ", $postexten, '$postsub', " . $_POST['level'] . ", '$postissue', '$postinfo', " . $_POST['stat'] . ")";
			$insert_result = mysql_query($insert_query, $connection);
			if ($insert_result) {
			$hdaddsuccess = 1;	
			
			$to = "helpdesk@norrishomefurnishings.com, " . $postemail;
			$from = "helpdesk@norrishomefurnishings.com";
			$hdemail_query = "SELECT * FROM hdticket ORDER BY id DESC LIMIT 1";
			$hdemail_result = mysql_query($hdemail_query, $connection);
			while ($hdemail = mysql_fetch_array($hdemail_result)) {
			$subject = "Helpdesk Ticket #" . $hdemail['id'] . " Updated: " . $hdemail['sub'] . "";
			$message = "<strong>PLEASE SAVE THIS INFORMATION UNTIL YOUR TICKET HAS BEEN SUCCESSFULLY CLOSED!</strong><br /><strong>ID: </strong>" . $hdemail['id'] . "<br /><strong>FULL NAME: </strong>" . $postname . "<br /><strong>EMAIL: </strong>" . $postemail . "<br /><strong>EXTENSION: </strong>" . $postext . "<br /><br /><strong>MESSAGE: </strong>" . $postissue . "<br /><br /><strong>EXTRA INFO: </strong>" . $postinfo;
			}
			$headers = "From: Norris Portal Help Desk <helpdesk@norrishomefurnishings.com>\r\n";
			$headers .= "Reply-To: ". strip_tags($from) . "\r\n";
			$headers .= "CC: anegron@norrishomefurnishings.com\r\n";
			$headers .= "MIME-Version: 1.0\r\n";
			$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
			
				if ($from != "" && $to != "" && $subject != "" && $message != "") {
					if (mail($to, $subject, $message, $headers)) {
						$mailsuccess = 1;
					} else {
						$mailfail = 1; die("There was an error: " . mysql_error());
					}
				} else {
					$mailfail = 1; die("There was an error: " . mysql_error());
				}
			
			} else {
			$hdaddfail = 1;	die("There was an error: " . mysql_error());
			}
		}
		
	}
?>

Open in new window


Your help in this matter is extremely appreciated. Thank you in advance!
0
Comment
Question by:Rumbananas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 

Author Comment

by:Rumbananas
ID: 37754541
This issue starts at around line 11...
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 37754673
Hello,

What is your datatype for the extension and stat fields?  I noticed they do not have quotes around them on the INSERT statement so I assume it is a numeric datatype?
0
 

Author Comment

by:Rumbananas
ID: 37754721
The Query is getting hung up on the 'extension' field is set up as an integer in the database, as well as the 'stat' field. The extension '320' is supposed to be a phone extension, and the 'stat' field is drawing data from the form using the select field with numerical values.
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 55

Expert Comment

by:Huseyin KAHRAMAN
ID: 37754724
put an echo after line 11

echo $insert_query

and post the value
0
 
LVL 55

Accepted Solution

by:
Huseyin KAHRAMAN earned 500 total points
ID: 37754732
or try to put ' everywhere :)

$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES ('" . $_POST['uid'] . "', '$postexten', '$postsub', '" . $_POST['level'] . "', '$postissue', '$postinfo', '" . $_POST['stat'] . "')";
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 37754784
Like Hain said, you can try quoting all of them, or just use proper concatenation.
$insert_query = "INSERT INTO kbticket (uid, extension, sub, level, issue, exinfo, stat) VALUES (".$_POST['uid'].",".$postexten.",'".$postsub."','". $_POST['level']."','".$postissue."', '".$postinfo."', ".$_POST['stat'].")";

Open in new window

0
 

Author Closing Comment

by:Rumbananas
ID: 37754866
Thank you so much, I have no idea why I didn't think of it, but it did and I can't be more grateful!
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question