2

Teaching myself SQL and PHP at the same time and am getting this error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Name, Last Name, Course_id, Professor) VALUES ('duke','john','doe','cpsc','teacher' at line 1 with query

My code is supposed to take the information from the forms and insert it into a database that I already creadI've been looking at it for hours and have searched for the internet for a while, but still can't find whats causing this. Can anyone help me out?

Here's my test.php file with the forms:

<html>
    <head>
        <title>Insert data into database</title>
    </head>

    <body>
        <form method="post" action="handler.php">
            <p>What is your University:</p>
            <input type="text" name="uni"><br>

            <p>What is your First Name:</p>
            <input type="text" name="f_name"><br>

            <p>What is your Last Name:</p>
            <input type="text" name="l_name"><br>

            <p>What is your Course:</p>
            <input type="text" name="cou_id"><br>
            <p>Who was your Professor for that course?:</p>

            <input type="text" name="pro_id"><br>
            <input type="submit" value="Submit" />
        </form>
    </body>
</html>

and here's my handler.php file that stores the information from the forms into the database:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title>Untitled Document</title>
    </head>

    <body>
        <?php
            $uni = $_POST['uni']; 
            $uni= mysql_real_escape_string($uni);
            $f_name = $_POST['f_name'];
            $f_name = mysql_real_escape_string($f_name);
            $l_name = $_POST['l_name'];
            $l_name = mysql_real_escape_string($l_name);
            $cou_id = $_POST['cou_id'];
            $cou_id = mysql_real_escape_string($cou_id);
            $pro_id = $_POST['pro_id'];
            $pro_id = mysql_real_escape_string($pro_id);

            $con = mysql_connect("localhost","root","") or die(mysql_error());
            mysql_select_db("tester") or die(mysql_error()); 

            if (!mysql_query("INSERT INTO my_hw (University, First Name, Last Name, Course_id, Professor) VALUES ('$uni','$f_name','$l_name','$cou_id','$pro_id')"))
              {
              die('Error: ' . mysql_error() . " with query ". $sql);
              }
            echo "1 record added";

            mysql_close($con);
        ?>
    </body>
</html>

Thanks

Improve this question

3 Answers 3

Reset to default
1

You have spaces in your First Name and Last Name columns:

 INSERT INTO my_hw (University, `First Name`, `Last Name`, Course_id, Professor) VALUES     ('$uni','$f_name','$l_name','$cou_id','$pro_id')

Notice the added backticks.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you, that was a dumb mistake. You're supposed to have the backticks for reserved words as well right? Are there any other uses for them?
@spentpat - in your case they can be used for spaces in column names. I would not recommend using reserved words for a column name.
0

Change your column names so they do not have spaces. It is bad practice to have spaces in column names.

Improve this answer

Comments

0

Since you are using mysql, the column names must be delimited by backticks not single quotes since they contain spaces in between,

INSERT INTO my_hw (University, `First Name`, `Last Name`,...
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.