Error 1064: Help

dcjones

Hi all

I have the follwoing code which shows this error:

Error 1064 : You have an error in your SQL syntax near '' at line 2.

The Code:

<?
include 'error.inc';
include 'db.inc';

// Initialise an error string
$errorString = "";

// Clean and trim the POSTed values

foreach($HTTP_POST_VARS as $varname => $value)
$formVars[$varname] = trim(clean($value, 50));

// Vaildate the firstname
if (empty($formVars["firstName"]))
// First name cannot be a null string
$errorString .=
"\n<br>The first name field cannot be blank.";

// Validate the Surname
if (empty($formVars["surname"]))
// the user's surname cannot be a null string
$errorString .=
"\n<br>The surname field cannot be blank.";

// Validate the street
if (empty($formVars["street"]))
// the user's address cannot be a null string
$errorString .=
"\n<br>You must supply at least one address line.";

// Validate the suburb not required

// Validate the
if (empty($formVars["town"]))
// the user's city cannot be a null string

// Validate the county
if (empty($formVars["county"]))
// the user's city cannot be a null string

    // Validate the Telephone No

if (empty($formVars["tel"]))
// the user's city cannot be a null string

// Validation of  the Fax No not required
// validation of the emial address not required
// validation of the website address not required

// Now the script has finished the validation,
// check if there were any errors
if (!empty($errorString))
{
// There are errors. Show them and exit.
?>
<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>
<head><title>Customer Details Error</title></head>
<body bgcolor="white">

<h1>Customer Details Error</h1>
<?=$errorString?>
<br><a href="uip.php">Return to the customer form</a>
</body>
</html>
<?

exit;
}

$connection = mysql_connect($server, $user, $password);

mysql_select_db($database, $connection);

// Create a query to insert the customer
$query = "INSERT INTO accom
set id = NULL, " .
"surname = \"" . $formVars["surname"] . "\", " .
"firstname = \"" . $formVars["firstName"] . "\", " .

"street = \"" . $formVars["street"] . "\", " .
"suburb = \"" . $formVars["suburb"] . "\", " .
"town = \"" . $formVars["town"] . "\", " .
"county = \"" . $formVars["county"] . "\", " .
"postcode = \"" . $formVars["postcode"] . "\", " .
"tel = \"" . $formVars["tel"] . "\", " .
"fax = \"" . $formVars["fax"] . "\", " .
"email = \"" . $formVars["email"] . "\", " .
"web = \"" . $formVars["web"] . "\", " .
"descript = \"" . $formVars["descript"] . "\", " ;

// Run the query on the customer table
if (!(@ mysql_query($query, $connection)))
showerror();

// Find out the cust_id of the new customer
$ID = mysql_insert_id();

// Now show the customer receipt
header("Location: customer_receipt.php?ID=$ID");
?>

Can anyone see the problem

Lars_Berg

there is a superfluous comma at the end of the statement.

"descript = \"" . $formVars["descript"] . "\", " ;

should be

"descript = \"" . $formVars["descript"] . "\" " ;

Another thing is that you should not use " to delimit strings in SQL. It is a non-standard syntax while the proper thing is to use '

(The insert syntax is also non-standard, works only in mysql.)

dcjones

Hi,

Thanks for that it now works and I will take onboard what you have said.

Many thanks

Dereck