Error in syntax!?

Deposeni

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'where, signup, prodid, order_number, card_holder_name) VALUES (

I keep on getting this, for the below code:

<?
include("config.php");

$a = new database();
$a->connect();


$prodid = $_POST['product_id'];
$order_number = $_POST['order_number'];
$card_holder_name = $_POST['card_holder_name'];


/*$date = "04/30/1973";
list($month, $day, $year) = split('[/.-]', $date);
echo "Month: $month; Day: $day; Year: $year<br />\n";*/

$userinfo = $_COOKIE['order'];
list($name, $email, $domain, $referral, $username, $pword, $plan) = split('[,]', $userinfo);
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);

$prodid = $_POST['product_id'];

//Add the user.
$add_user = "INSERT INTO clients (name, email, un, pw, ip, domain, plan, where, signup, prodid, order_number, card_holder_name) VALUES ('$name', '$email', '$username', '$pword', '$hostname', '$domain', '$plan', '$referral', '".time()."' '$prodid', '$order_number', '$card_holder_name')";
mysql_query($add_user) or die(mysql_error());
?>

Can anyone see anything wrong with this? I sure can't - I'm trying to write an order form return page, from 2checkout.com - so that it can confirm a user HAS in fact ordered (By adding them to the database, then someone checking to make sure they really did order).

LordShryku

WHERE is a reserved word. You shouldn't be using it as a field name.

Deposeni

... Wow ... Thanks - such a simple fix 🙁

Deposeni

New error:

Column count doesn't match value count at row 1

New code:

$add_user = "INSERT INTO clients (name, email, un, pw, ip, domain, plan, referral, signup, prodid, order_number, card_holder_name) VALUES ('$name', '$email', '$username', '$pword', '$hostname', '$domain', '$plan', '$referral', '".time()."' '$prodid', '$order_number', '$card_holder_name')";

Exported table:

CREATE TABLE clients (
id smallint(6) NOT NULL auto_increment,
status varchar(16) NOT NULL default 'inactive',
name varchar(255) NOT NULL default '',
email varchar(255) NOT NULL default '',
un varchar(100) NOT NULL default '',
pw varchar(100) NOT NULL default '',
notes mediumtext NOT NULL,
ip varchar(255) NOT NULL default '',
domain varchar(255) NOT NULL default '',
plan char(3) NOT NULL default '',
referral varchar(255) NOT NULL default '',
tickets varchar(255) NOT NULL default '0',
signup int(16) NOT NULL default '0',
prodid tinyint(4) NOT NULL default '0',
order_number varchar(255) NOT NULL default '',
card_holder_name varchar(255) NOT NULL default '',
PRIMARY KEY (id)
) TYPE=MyISAM AUTO_INCREMENT=1 ;

Any ideas? I've never seen this error before

leatherback

It means that there are not the same number of colums defined as there are values which you are trying to insert.

Most likely this is the problem:

'".time()."'

Have you tried something like:

$time = time()

and inserting $time?

Deposeni

Nope 🙁

Edit: Errr nope as in nope it doesn't work

ahundiak

Missing a comma between time and prodid.
Also, just for info, this is the same query:

$add_user =
"INSERT INTO clients (
    name, email, un, pw,
    ip, domain, plan, referral,
    signup, prodid, order_number, card_holder_name
)
VALUES (
    '$name', '$email', '$username', '$pword',
    '$hostname', '$domain', '$plan', '$referral',
    '".time()."' '$prodid', '$order_number', '$card_holder_name'
)";

But possibly easier to read as it does not scroll off the page.

Finally, make sure you understand what int(16) really means as a display size of 16 for a regular integer does not make a great deal of sense.

Deposeni

Originally posted by ahundiak
Missing a comma between time and prodid.
Also, just for info, this is the same query:
$add_user =
"INSERT INTO clients (
    name, email, un, pw,
    ip, domain, plan, referral,
    signup, prodid, order_number, card_holder_name
)
VALUES (
    '$name', '$email', '$username', '$pword',
    '$hostname', '$domain', '$plan', '$referral',
    '".time()."' '$prodid', '$order_number', '$card_holder_name'
)";
But possibly easier to read as it does not scroll off the page.

Finally, make sure you understand what int(16) really means as a display size of 16 for a regular integer does not make a great deal of sense. [/B]

Wow... How did that happen? O_o, thanks...

And the syntax, as is - is just for coding - I always go back and make it pretty once I debug it.

And about the int(16) - thats just what my friend taught me to do for time() tag column's

As for it not making sense? An int is... 65,536 max? Something like that? Is that characters LONG or the actual number 65k

ahundiak

When it comes to programing I'd say your best friend is really the manual. Head over to mysql.com and read about the integer data type. You might be surprised.

leatherback

Why don't you use the date/time type for time? Tat is what it was made for!

Deposeni

I think I will check out mysql.com... As for the time function - I feel more comfortable putting in time(), rather than a formatted version - that way I have complete control over it.