I am new to PHP and SQL, but am creating a login system. The problem I have hit against is:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Surname typed in')' at line 5
So I look into the code, and I believe it refers to:
mysql_query("INSERT INTO users (email, password, hash, forename, surname) VALUES(
'". mysql_escape_string($email) ."',
'". mysql_escape_string($password) ."',
'". mysql_escape_string($hash) ."',
'". mysql_escape_string($forename) .",
'". mysql_escape_string($surname) ."') ") or die(mysql_error());
After looking over, I can't see a syntax error. Anyone spot it?
mysql_*functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.mysql_select_db("logintest")? (sorry, I meant db, not table...2am!)