|
| Chris Carter wrote:
> My MySQL version is 5.0. I am trying to run this small query but getting this
> SQL error
>
> "Error! Could not insert valuesYou have an error in your SQL syntax; check
> the manual that corresponds to your MySQL server version for the right
> syntax to use near ''userdata' ('fName', 'lName', 'email', 'confEmail',
> 'password', 'confirmPassword' at line 1"
>
> The syntax that I am working on is:
>
> $sql = "insert into 'userdata' ('fName', 'lName', 'email', 'confEmail',
> 'password', 'confirmPassword', 'address', 'city', 'state', 'postCode',
> 'gender', 'profession', 'ageGroup', 'mallPref', 'mailConsent') VALUES
> ($fName, $lName, $email, $confEmail, $password, $confirmPassword, $address,
> $city, $state, $postCode, $gender, $profession, $ageGroup, $mallPref,
> $mailConsent)";
>
> dont understand where is it wrong. Does capitalization of INSERT also
> matters. I am new to this. Please advice.
It's not the capitals, it's the single quotes.
You don't need single quotes around the table or field names, you need
them around the data:
$sql = "insert into userdata(fname, lname, email, confemail .....)
values ('" . mysql_real_escape_string($fName) . "', '" .
mysql_real_escape_string($lName) . "' .....
etc
Using mysql_real_escape_string will prevent sql injection attacks or
problems where a name has a quote in it itself (eg O'Reilly).
Mysql supports backticks around the names:
insert into `userdata` (`fname` .....
(other db's don't like this though).
--
Postgresql & php tutorials
http://www.designmagick.com/
|
|