redeye
05-29-2006, 09:23 PM
I've rewritten my insert function with and without mysql_real_escape_string's
and I still get the same error. Can someone look it over for me? I think it has to do with with the "INSERT INTO table set..." portion of it. I'm referencing the table with $table_select.
Thanks in advance!
The error message
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''blank' set first_name='fff', mi='d', last_name='dfdf', suffix='Sr', ' at line 1
------
The code
$query = sprintf("INSERT INTO '%s' set
first_name='%s',
mi='%s',
last_name='%s',
suffix='%s',
address1='%s',
address2='%s',
city='%s',
state='%s',
zip5='%s',
zip4='%s',
state='%s',
phone_ac='%s',
phone_ex='%s',
phone_sub='%s',
email='%s',
bio='%s',
council_num='%s',
date_created='%s'
date_updated='%s'",
mysql_real_escape_string($table_select),
mysql_real_escape_string($first_name),
mysql_real_escape_string($mi),
mysql_real_escape_string($last_name),
mysql_real_escape_string($suffix),
mysql_real_escape_string($address1),
mysql_real_escape_string($address2),
mysql_real_escape_string($city),
mysql_real_escape_string($state),
mysql_real_escape_string($zip5),
mysql_real_escape_string($zip4),
mysql_real_escape_string($state),
mysql_real_escape_string($phone_ac),
mysql_real_escape_string($phone_ex),
mysql_real_escape_string($phone_sub),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($council_num),
mysql_real_escape_string($date),
mysql_real_escape_string($date));
$result=mysql_query($query);
and I still get the same error. Can someone look it over for me? I think it has to do with with the "INSERT INTO table set..." portion of it. I'm referencing the table with $table_select.
Thanks in advance!
The error message
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''blank' set first_name='fff', mi='d', last_name='dfdf', suffix='Sr', ' at line 1
------
The code
$query = sprintf("INSERT INTO '%s' set
first_name='%s',
mi='%s',
last_name='%s',
suffix='%s',
address1='%s',
address2='%s',
city='%s',
state='%s',
zip5='%s',
zip4='%s',
state='%s',
phone_ac='%s',
phone_ex='%s',
phone_sub='%s',
email='%s',
bio='%s',
council_num='%s',
date_created='%s'
date_updated='%s'",
mysql_real_escape_string($table_select),
mysql_real_escape_string($first_name),
mysql_real_escape_string($mi),
mysql_real_escape_string($last_name),
mysql_real_escape_string($suffix),
mysql_real_escape_string($address1),
mysql_real_escape_string($address2),
mysql_real_escape_string($city),
mysql_real_escape_string($state),
mysql_real_escape_string($zip5),
mysql_real_escape_string($zip4),
mysql_real_escape_string($state),
mysql_real_escape_string($phone_ac),
mysql_real_escape_string($phone_ex),
mysql_real_escape_string($phone_sub),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($council_num),
mysql_real_escape_string($date),
mysql_real_escape_string($date));
$result=mysql_query($query);