I’m trying to insert a record into the database but it is giving me an error.
I’m using PHP and MySQL.
I need a successful result, but I’m getting an error and here is my code:
$Pname = $_POST[Pname];
$P_Price = $_POST[P_Price];
$P_Desc = $_POST[P_Desc];
$P_City = $_POST[P_City];
$P_Size = $_POST[P_Size];
$P_Rooms = $_POST[P_Rooms];
$P_garage = $_POST[P_garage];
$P_Address = $_POST[P_Address];
$P_Long = $_POST[P_Long];
$P_Lat = $_POST[P_Lat];
$Provinces_idProvinces = $_POST[Provinces_idProvinces];
// array for JSON response
$response = array();
$result = mysql_query("INSERT INTO property(Pname,P_Price,P_Desc,P_City,P_Size,P_Rooms,P_garage,P_Address,P_Long,P_Lat,Provinces_idProvinces)
VALUES ('".$Pname."',".$P_Price.",'".$P_Desc."','".$P_City."','".$P_Size."','".$P_Rooms."',".$P_garage.",'".$P_Address."',".$P_Long.",".$P_Lat.",".$Provinces_idProvinces."'");
if ($result) {
// successfully inserted into database
$response["success"] = 1;
$response["message"] = $result ;
// echoing JSON response
echo json_encode($response);
} else {
// failed to insert row
$response["success"] = 0;
$response["message"] = mysql_error();
Here is my error:
{"success":0,"message":"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''','','','',,'',,,'' at line 2"}
I checked everything, but it’s still giving me same error. Please help, it is almost 3 days now.
Here is the MySQL query:
delimiter $$
CREATE TABLE `property` (
`idProperty` int(11) NOT NULL AUTO_INCREMENT,
`Pname` varchar(45) DEFAULT NULL,
`P_Price` double DEFAULT NULL,
`P_Desc` varchar(45) DEFAULT NULL,
`P_City` varchar(45) DEFAULT NULL,
`P_Size` varchar(45) DEFAULT NULL,
`P_Rooms` varchar(45) DEFAULT NULL,
`P_garage` int(11) DEFAULT NULL,
`P_Address` varchar(45) DEFAULT NULL,
`P_Long` int(11) DEFAULT NULL,
`P_Lat` int(11) DEFAULT NULL,
`P_Sold` tinyint(1) DEFAULT '0',
`Provinces_idProvinces` int(11) NOT NULL,
PRIMARY KEY (`idProperty`),
KEY `fk_Property_Provinces` (`Provinces_idProvinces`),
CONSTRAINT `fk_Property_Provinces` FOREIGN KEY (`Provinces_idProvinces`) REFERENCES `provinces` (`idProvinces`) ON DELETE NO ACTION ON UPDATE NO ACTION
) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1$$
There are many problems with Your query:
$_GETor$_POST) – use at leastmysql_real_escape_stringfor this…,,,in Your query… Validate the form after submitting and check that each property has a value set other way set it to''(empty string) or0(zero) ornullINSERT INTO property (Pname, P_Price, P_Desc, P_City, P_Size, P_Rooms, P_garage, P_Address, P_Long, P_Lat, Provinces_idProvinces) VALUES (‘”.$Pname.”‘, “.$P_Price.”, ‘”.$P_Desc.”‘, ‘”.$P_City.”‘, ‘”.$P_Size.”‘, ‘”.$P_Rooms.”‘, “.$P_garage.”, ‘”.$P_Address.”‘, “.$P_Long.”, “.$P_Lat.”, “.$Provinces_idProvinces.“‘”);
After repairing these three errors/mistakes You shoudl be good.
Few recommendations:
mysql_*function us at leastmysqli_*or PDO.Additionally, you are using unquoted array indices:
Unless
P_Priceis a constant, you need to quote it:Activate error reporting to see all the errors you are causing, then fix them: