You have an error in your SQL syntax. Help!

SevEre · #1 (**permalink**) 08-31-04, 06:50 PM

This is the error im getting

Code:

gr_query() error with sql statement:INSERT INTO file_comments(fileid,username,comment) VALUES(,"Big-1","Everytime i try to post my comment i get this sql error!!!") mysql:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '"Big-1","Everytime i try to post my comment i get this sql error

I think this is the string thats giving me trouble.

PHP Code:


			
gr_query('INSERT INTO file_comments fileid,username,comment VALUES('.$_POST['dib'].',"'.$_POST['username'].'","'.mysql_escape_string($_POST['comments']).'")');

blaw · #2 (**permalink**) 08-31-04, 08:28 PM

Hi there,

Try this:

Code:

 gr_query('INSERT INTO file_comments fileid,username,comment VALUES("'.$_POST['dib'].'","'.$_POST['username'].'","'.mysql_escape_string($_POST['comments']).'")');

You got that error because you did not have any value in $_POST['dib'], creating a blank and breaking the syntax. I put double quotation marks around this variable, so even if this variable does not have a value, it will be treated as simply empty literal value. If this variable is supposed to hold a non-empty value all the time, there must be some mistakes made within your script.

HTH.

SevEre · #3 (**permalink**) 08-31-04, 10:05 PM

Quote:

Originally Posted by blaw

Hi there,

Try this:

Code:

 gr_query('INSERT INTO file_comments fileid,username,comment VALUES("'.$_POST['dib'].'","'.$_POST['username'].'","'.mysql_escape_string($_POST['comments']).'")');

You got that error because you did not have any value in $_POST['dib'], creating a blank and breaking the syntax. I put double quotation marks around this variable, so even if this variable does not have a value, it will be treated as simply empty literal value. If this variable is supposed to hold a non-empty value all the time, there must be some mistakes made within your script.

HTH.

Thanks but it didnt work either. This is very frustrating because i paid someone from these forums to add a comments script and a download counter to my original script. Well he didnt finish the job i paid him to do. So i keep getting errors. If someone can please help me out by taking a look at what i have i would be most appreciative.

Thanks in Advanced

SevEre · #4 (**permalink**) 09-01-04, 01:32 AM

Can anyone help fix these errors?

blaw · #5 (**permalink**) 09-01-04, 01:49 AM

Hello again,

Are you getting the same error or a different one?

Try this then:

PHP Code:


			
gr_query("INSERT INTO file_comments (fileid, username, comment) VALUES ('".$_POST['dib']."', '".$_POST['username']."', '".mysql_escape_string($_POST['comments'])."')");

Good luck.

<?Wille?> · #6 (**permalink**) 09-01-04, 01:54 AM

isint that supposed to do like this??

PHP Code:


			
gr_query('INSERT INTO file_comments (fileid, username, comment) VALUES("'.$_POST['dib'].'","'.$_POST['username'].'","'.mysql_escape_string($_POST['comments']).'")');

SevEre · #7 (**permalink**) 09-01-04, 04:02 AM

Both of those kinda worked. I stopped recieving the error and it said comment posted succesfully but the comment does not appear on the page. If anyone can help me via email or aim that would be so awesome. I found a few errors that i need help with so if anyone has the time please reply.

Thanks in advanced

SevEre · #8 (**permalink**) 09-08-04, 06:05 AM

Anyone help? The comment is being stored in the database but it is not showing on the page... Anyhelp? I get this error where the comment is supposed to show

Code:

gr_query() error with sql statement:SELECT posted,username,comment FROM file_comments WHERE fileid = mysql:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1