• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

PHP Help!

I'm guessing you need quotes around the values for IPA and VOTE in your insert statement.

You are also begging to be hacked via sql injection.
 
lokey thanks i did that and now i get...

INSERT INTO survey1 ( IDNO , IPA , VOTE ) VALUES (NULL , '', '')'Query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1

that query shouldnt be ran until submit is clicked... what the hek?
 
loke - do u have aim? its not a modified script... i tried adding in those functions last second but got lazy and didnt implement them in. it
 
Originally posted by: Don Rodriguez
lokey thanks i did that and now i get...

INSERT INTO survey1 ( IDNO , IPA , VOTE ) VALUES (NULL , '', '')'Query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1

that query shouldnt be ran until submit is clicked... what the hek?
Click to expand...
How exactly are we supposed to tell you what's wrong with your query when we don't know your schema? How about posting the table definition.
 
$query = "INSERT INTO \"survey1\" ( \"IDNO\" , \"IPA\" , \"VOTE\" ) VALUES (NULL , ".$domain.", ".$casted.");";

could be:

$query = 'INSERT INTO survey1 (IDNO, IPA, VOTE) VALUES (0, \'' . htmlspecialchars($domain) . '\', \'' . htmlspecialchars($casted) . '\')';

EDIT: Note that I use all single quotes, they kinda of look like double quotes when displayed in my reply.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top