I wonder is anyone can help me with this annoying problem. Trying to insert some data into a table. In the mean time, I want to leave out some fields and not insert something there. For some reason I’m getting Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING error. Is there something I’m doing wrong below?
Your help will be appreciated.
<?php
function sqlEscape($string){
return "'".mysql_real_escape_string($string)."'";
}
if( $_GET['location'] == ''
|| $_GET['name'] == ''
|| $_GET['school'] == ''
|| $_GET['reason'] == ''
|| $_GET['address'] == ''
|| $_GET['postcode'] == ''
|| $_GET['email'] == ''
|| $_GET['telephone'] == '') {
exit('You missed a value');
}
include('theConfig.php');
$con = mysql_connect($host, $username, $password) or die(mysql_error()) ;
if (!$con){
die('Could not connect: ' . mysql_error());
} mysql_select_db($db, $con); //$description = mysql_real_escape_string($_GET[description]);
$sql = sprintf('INSERT INTO applications (location, name, school, reason, address, postcode, email, telephone, town, county, state, country)
VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s,'','')',
sqlEscape($_GET['location']),
sqlEscape($_GET['name']),
sqlEscape($_GET['school']),
sqlEscape($_GET['reason']),
sqlEscape($_GET['address']),
sqlEscape($_GET['postcode']),
sqlEscape($_GET['email']),
sqlEscape($_GET['telephone']));
if (!mysql_query($sql,$con)){
die('Error: ' . mysql_error());
}
header('Location: thankyou.php');
mysql_close($con)
?>
You have ”, ”)’ which is incorrect, b/c the first quote in this sequence closes the string, so it’s actually three strings togather: ‘INSERT … ‘, then ‘, ‘, and then ‘)’. You must escape quotes in the string with backslash or use double quotes to enclose whole string:
(escaping)
(using double quotes)