0

I am using PHP to point the text area input to MySQL database. Right now it is throwing the following error: "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3"

In the code I posted, the block starting with "mysql_select_db("main_data0",$con);" and ending in "('$_POST[textarea1]'";" is repeated for each text area that I have in my html.

I tried switching to "mysqli" instead of "mysql_connect", but this only caused it to show WAY more errors.

<?php
$servername = "standridgen77573.domaincommysql.com";
$username = "nat_0g";
$password = "Lens981#bent";
$databasename = "main_data0";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$databasenam", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected successfully"; 
    }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }

if(isset($_POST['textarea1'], $_POST['textarea2'], $_POST['textarea3'], $_POST['textarea4'], $_POST['textarea5'], $_POST['textarea6'], $_POST['textarea7'], $_POST['textarea8'], $_POST['textarea9'])){
    $postdata_1 = $_POST['textarea1']; // here i declare post value to the $postdata variable    
    $postdata_2 = $_POST['textarea2']; // here i declare post value to the $postdata variable   
    $postdata_3 = $_POST['textarea3']; // here i declare post value to the $postdata variable
    $postdata_4 = $_POST['textarea4']; // here i declare post value to the $postdata variable    
    $postdata_5 = $_POST['textarea5']; // here i declare post value to the $postdata variable   
    $postdata_6 = $_POST['textarea6']; // here i declare post value to the $postdata variable
    $postdata_7 = $_POST['textarea7']; // here i declare post value to the $postdata variable    
    $postdata_8 = $_POST['textarea8']; // here i declare post value to the $postdata variable   
    $postdata_9 = $_POST['textarea9']; // here i declare post value to the $postdata variable


    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1, textarea2, textarea3, textarea4, textarea5, textarea6, textarea7, textarea8, textarea9) VALUES (?,?,?,?,?,?,?,?,?)"); // here is my mysql statement
    $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3, $postdata_4, $postdata_5, $postdata_6, $postdata_7, $postdata_8, $postdata_9]); // here i use $postdata variable. Every ? mark represent one variable.
}
?>
Improve this question
4
  • your missing a ) Commented Aug 31, 2019 at 3:10
  • $sql="INSERT INTO info0 (textarea1) VALUES ('{$_POST['textarea1']}')" Commented Aug 31, 2019 at 3:10
  • Prevent SQL injection! stackoverflow.com/questions/129677/… Commented Aug 31, 2019 at 4:35
  • man, i don't know how i missed that. gonna try fixing that, then if that doesnt work im gonna try the PDO connection suggested below. Commented Aug 31, 2019 at 17:23

1 Answer 1

Reset to default
1

I'll recommend you a PDO connection to the database. It's much easier for beginners, and it's much secured.

$servername = "localhost";
$username = "username";
$password = "password";
$databasename = "databasename";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$databasenam", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected successfully"; 
    }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }

Then after you connected to the database you can do something like this.

Single

if(isset($_POST['textarea1'])){
    $postdata = $_POST['textarea1']; // here i declare post value to the $postdata variable
    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1) VALUES (?)"); // here is my mysql statement
    $NewRecord->execute([$postdata]); // here i use $postdata variable. The ? mark represent this.
}

Multiple

if(isset($_POST['textarea_1'], $_POST['textarea_2'], $_POST['textarea_3'])){
    $postdata_1 = $_POST['textarea_1']; // here i declare post value to the $postdata variable    
    $postdata_2 = $_POST['textarea_2']; // here i declare post value to the $postdata variable   
    $postdata_3 = $_POST['textarea_3']; // here i declare post value to the $postdata variable
    $NewRecord = $conn->prepare("INSERT INTO info0 (textarea1, textarea2, textarea3) VALUES (?,?,?)"); // here is my mysql statement
    $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3]); // here i use $postdata variable. Every ? mark represent one variable.
}
Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

Doing some studying right now, but I'm gonna try this out as soon as I'm done. Thanks much!
What would the second piece of code look like if I need to do that for multiple text areas? Could I just repeat the if block for each one?
Nope, it didn't work. There is an error in the following part of the code: $NewRecord->execute([$postdata_1, $postdata_2, $postdata_3, $postdata_4, $postdata_5, $postdata_6, $postdata_7, $postdata_8, $postdata_9]);
Please provide the code which one u used. Full code
Parse error: syntax error, unexpected '[', expecting ')' in /hermes/bosnaweb18a/b2811/dom.standridgen77573/public_html/data.php on line 41
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.