SQL Syntax problem :/

matthewkapp

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

What the hell does that mean ? please help!

YappyDog

Show some of your code and maybe someone can help........

matthewkapp

<?php

mysql_connect("localhost", "***", "**") or die ("Error connecting to database");

mysql_select_db("*******") or die ("Error selecting database");

if (isset($submit)) {

if (strlen($username) < 5) {

   exit ("Your username is too short, go back and try a different one.");

}

if (strlen($password) < 5) {

   exit ("Your password is too short, go back and try a different one.");

}

$result = mysql_query("SELECT username FROM guildusers WHERE username='$username'");

if (mysql_num_rows != 0) {

   exit ("That username allready exists, please try a different one!");

}

if (strstr($username, "-")) {
echo
exit ("<p><center><b>- in Username Or Password is not allowed</b><pr>");
}
$addNew = mysql_query("
INSERT into member (username,password,email) VALUES ('" . $POST['username'] . "', '" .
md5($POST['password']) . "', '" . $_POST['email'] . "' ");

echo mysql_error();

echo "You have succesfully signed up!";

} else {

<form action="<?echo $PHP_SELF?>" method=post>

<table>

<TBODY>

<TR>

<TD align=right width=275><FONT face=Arial size=2 color="#000000">Desired Username

  <B>:</B>&nbsp;</FONT></TD>

<TD width=275><INPUT maxLength=30 name=username></TD></TR>

<TR>

<TD align=right width=275><FONT face=Arial size=2 color="#000000">Password

  <B>:</B>&nbsp;</FONT></TD>

<TD width=275><INPUT type=password maxLength=40 name=password></TD></TR>

<TR>

<TD align=right

width=275><INPUT type=submit value=Register! name=submit></TD>

<TD

width=275><INPUT type=reset value=Reset name=reset Form></TD></FORM></TR></TBODY><BR>

</table>

<?php

}

</BODY>

YappyDog

Does your insert SQL really have a carriage return before the word INSERT, or is it just the formatting on this forum? If it does, I'd take it out and try that.

$addNew = mysql_query("INSERT into member (username,password,email) VALUES ('" . $POST['username'] . "', '" . md5($POST['password']) . "', '" . $_POST['email'] . "' ");

matthewkapp

what u mena? by carrage?

YappyDog

Sorry, old school.........

Does it have a "new line" before the INSERT?

matthewkapp

$result = mysql_query("SELECT username FROM guildusers WHERE username='$username'");

if (mysql_num_rows != 0) {

   exit ("That username allready exists, please try a different one!");

}

if (strstr($username, "-")) {
echo
exit ("<p><center><b>- in Username Or Password is not allowed</b><pr>");
}
$addNew = mysql_query("INSERT into member (username,password,email) VALUES ('" . $POST['username'] . "', '" . md5($POST['password']) . "', '" . $_POST['email'] . "' ");
echo mysql_error();

echo "You have succesfully signed up!";

} else {

matthewkapp

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ''e10adc3949ba59abbe56e057f20f883e' at line 1You have succesfully signed up!

i have a new error

YappyDog

Well, I guess we do this the hard way then.........

You'll probably need to put in some debug type statements along the way to figure out how far you are getting before you get the error. Stuff like:

<?php
mysql_connect("localhost", "***", "**") or die ("Error connecting to database");

echo "<li>successfully connected<br>";

mysql_select_db("*******") or die ("Error selecting database");

echo "<li>selected database<br>";

NEW ERROR???
Okay then forget all this.............

YappyDog

The error is probably due to the encrypted password. To see what you are actually executing, try this:

$myquery = "INSERT into member (username,password,email) VALUES ('" . $POST['username'] . "', '" . md5($POST['password']) . "', '" . $_POST['email'] . "' ";

echo "<li>insert query = $myquery<br>";

matthewkapp

insert query = INSERT into member (username,password,email) VALUES ('matthew', 'e10adc3949ba59abbe56e057f20f883e', ''
You have succesfully signed up!

YappyDog

So you are missing the email and the ending parentheses.

You need it to end up looking like:

insert query = INSERT into member (username,password,email) VALUES ('matthew', 'e10adc3949ba59abbe56e057f20f883e', 'myaddress@nospam.com')

matthewkapp

i dont want the email it is not in my script to have one :/

YappyDog

Then you need to change your insert statement to not try to put it in...............

matthewkapp

insert query = INSERT into buddys (username,password) VALUES ('kipper', 'e10adc3949ba59abbe56e057f20f883e', '
You have succesfully signed up!

$myquery = "INSERT into buddys (username,password) VALUES ('" . $POST['username'] . "', '" . md5($POST['password']) . "', '";

echo "<li>insert query = $myquery<br>";

Whats wrong with it ? it is not putting it into a table!

YappyDog

Look at what it is printing out!

You have an extra comma and an extra single quote at the end. You are also still missing the ending parentheses.

matthewkapp

what does that mean?

YappyDog

insert query = INSERT into buddys (username,password) VALUES ('kipper', 'e10adc3949ba59abbe56e057f20f883e', '

You have an extra comma and an extra single quote at the end. You are also still missing the ending parentheses.

What you want your query to look like is something like this:

INSERT into buddys (username,password) VALUES ('kipper', 'e10adc3949ba59abbe56e057f20f883e')

matthewkapp

Do you ahve an email address and i wills end you my signup.php file and you can see if u can fix it?