Tuesday, 10 September 2013

Could not enter data: You have an error in your SQL syntax?

Could not enter data: You have an error in your SQL syntax?

I Checked my code again and again but i don't khow where is my mistake.it
will show an error.
<?php
{ // Secure Connection Script
include('../Secure/dbConfig.php');
$dbSuccess = false;
$dbConnected =
mysql_connect($db['hostname'],$db['username'],$db['password']);
if ($dbConnected) {
$dbSelected = mysql_select_db($db['database'],$dbConnected);
if ($dbSelected) {
$dbSuccess = true;
} else {
echo "DB Selection FAILed";
}
} else {
echo "MySQL Connection FAILed";
}
// END Secure Connection Script
}
if(! $dbConnected )
{
die('Could not connect: ' . mysql_error());
}
{ // File Properties
$file = $_FILES['image']['tmp_name'];
if(!isset($file))
echo "Please Choose an Image.";
else {
$image = addslashes(file_get_contents($_FILES['image']['tmp_name']));
$image_size = getimagesize($_FILES['image']['tmp_name']);
if($image_size == FALSE)
echo "That is not an image.";
else
{
$lastid = mysql_insert_id();
echo "Image Uploaded.";
}
}
}
$sql = "INSERT INTO hisell ( Category, Title, Condition, Brand, Model,
Price, Additional_Info, Name, Address1, Zipcode1, Address2, Zipcode2,
Address3, Zipcode3, City, Mobile, phone1, phone2, phone3, phone4, Email1,
Email2, Fax, Url, image)".
"VALUES
('$_POST[category]','$_POST[title]','$_POST[condition]','$_POST[Brand]','$_POST[Model]','$_POST[price]','$_POST[description]','$_POST[name]','$_POST[address1]','$_POST[zipcode1]','$_POST[address2]','$_POST[zipcode2]','$_POST[address3]','$_POST[zipcode3]','$_POST[city]','$_POST[mobile]','$_POST[phone1]','$_POST[phone2]','$_POST[phone3]','$_POST[phone4]','$_POST[email1]','$_POST[email2]','$_POST[fax]','$_POST[url]','$image')";
mysql_select_db('market');
$retval = mysql_query( $sql );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($dbConnected);
?>
the image will process and ready to save into database but the error will
prevent to save other data in database too.
Error message is
Could not enter data: You have an error in your SQL syntax; check the
manual that corresponds to your MySQL server version for the right syntax
to use near 'Condition, Brand, Model, Price, Additional_Info, Name,
Address1, Zipcode1, Addre' at line 1
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)