[RESOLVED] T_CONSTANT_ENCAPSED_STRING. Is it the $description?

n3rd

writing a small bit to track events for when someone makes a change on a website.
here is the code:

// Create History Footprint

include('connect.php');

// set date
$addate = date('Y-m-d');

// Make Description
$description = "Added a new member to the client login";

// query
$sql="INSERT INTO history (date, madeby, description) VALUES ("'.$_POST['addate'].'", "'.$_SESSION['username'].'", "'.$_POST['description'].'")";

if (!mysql_query($sql,$con))
   {
	die('Error: ' . mysql_error());
    }

mysql_close($con);

At first I'm thinking it's a white space issue with the description.. no?

Thanks in advance,
Zak

bradgrafelman

You told us what type of error, but didn't show us which line the error is on. PHP tells you this... passing the info on to us would help us, too.
When posting PHP code, please use the board's [PHP][/PHP] bbcode tags - they make the code much, much easier to read (as well as aiding the diagnosis of syntax errors). You should edit your post now and add these bbcode tags to help others in reading/analyzing your code.
If you had used an editor with syntax highlighting, or the PHP bbcodes I just mentioned, you would see that the error lies with the $sql variable. More specifically, you've switched the order of the quotes around - the double quotes are ending the string.

n3rd

sorry about that, thanks for pointing it out. also, the problem is in the sql line..

i guess im not seeing what you say about the double quotes ending it, tho.

:queasy:

bradgrafelman

Take just this much of the query (with added text at the end to illustrate):

$sql="INSERT INTO history (date, madeby, description) VALUES (" blah

You see, the double quote right there ended the string. In your query, after the double quote, you have another single quote. This starts a new string ... but then you have .$POST as if you were trying to concatenate the $POST data onto the end of a string piece.

What you need to do is reverse the order of the quotes:

$sql="INSERT INTO history (date, madeby, description) VALUES ('".$_POST['addate']."'

Now, the single quote comes before the double quote (which was used to delimit the string) so it will appear inside the query. Next there's the double quote which ends the string piece, a period (concatenation operator), and a variable. I reversed the order on the other side too: period (concatenate again), a double quote (to start a string piece), and a single quote (to appear inside the query itself). When written properly, you'll know - the syntax highlighting looks normal now.