Below I have been working editing a file to test if my database works correctly. I keep getting: Parse error: syntax error, unexpected T_STRING in /home/pawz/public_html/kaboomlabs.com/PDI/database.php on line 45 I looked at line 45, I can't figure out what was wrong with it, the line is bolded, now mind you I am following a book, so I am probably missing something very basic. Is there anyway that someone here can tell me what I need to do... Thanks. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PDI Non-Conforming Materials Report </title> </head> <body> <h2>PDI Non-Conforming Materials Report</h2> <?php $Added_By = $_POST['Added_By']; $Added_By_Date = $_POST['Added_By_Date']; $Nexx_Part = $_POST['Nexx_Part']; $Nexx_Rev = $_POST['Nexx_Rev']; $Nexx_Part_Description = $_POST['Nexx_Part_Description']; $NCMR_Qty = $_POST['NCMR_Qty']; $JO = $_POST['JO']; $SN = $_POST['SN']; $INV = $_POST['INV']; $Nexx_Inventory_On_Hand = $_POST['Nexx_Inventory_On_Hand']; $Nexx_Inventory_Chk = $_POST['Nexx_Inventory_Chk']; $Supplier_Name = $_POST['Supplier_Name']; $Supplier_Number = $_POST['Supplier_Number']; $Manufacturer_Part_Number = $_POST['Manufacturer_Part_Number']; $Manufacturer_Serial_Number = $_POST['Manufacturer_Serial_Number']; $NCMR_ID = $_POST['NCMR_ID']; $Nonconformity = $_POST['Nonconformity']; $Disposition = $_POST['Disposition']; $Comments = $_POST['Comments']; $CommentsAdditional_Details = $_POST['CommentsAdditional_Details']; $PO = $_POST['PO']; $PO_Date = $_POST['PO_Date']; $Date_Received = $_POST['Date_Received']; $dbc = mysqli_connect('localhost', 'pawz_pawz_PDI', 'pawztest', 'ncmrtest') or die('Error connecting to MySQL server.'); $query = "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, " . "Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name " . "Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity " . "Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received) [B] "VALUES ('Peter Reigler', '7/7/2011', 'K11205368', '1', 'Assy, CMM Module w/window & cover', " .[/B] "'$2', 'I8778', '164', '', '0', '0', 'Plastic Design Inc', '$100255', 'K11205386', 'N/A', '1054', " . "'Not made to print, missing 2 proximity sensor mounting brackets, These need to be welded in place', " . "'Return to vendor for rework, or have vendor come in and rework on site, '', '', '', '', ''); $result = mysqli_query($dbc, $query) or die('Error querying database.'); mysqli_close($dbc); echo 'Thanks for submitting the form.<br />'; ?> </body> </html> Code (markup):
you forgot some " in your query try this one.. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PDI Non-Conforming Materials Report </title> </head> <body> <h2>PDI Non-Conforming Materials Report</h2> <?php $Added_By = $_POST['Added_By']; $Added_By_Date = $_POST['Added_By_Date']; $Nexx_Part = $_POST['Nexx_Part']; $Nexx_Rev = $_POST['Nexx_Rev']; $Nexx_Part_Description = $_POST['Nexx_Part_Description']; $NCMR_Qty = $_POST['NCMR_Qty']; $JO = $_POST['JO']; $SN = $_POST['SN']; $INV = $_POST['INV']; $Nexx_Inventory_On_Hand = $_POST['Nexx_Inventory_On_Hand']; $Nexx_Inventory_Chk = $_POST['Nexx_Inventory_Chk']; $Supplier_Name = $_POST['Supplier_Name']; $Supplier_Number = $_POST['Supplier_Number']; $Manufacturer_Part_Number = $_POST['Manufacturer_Part_Number']; $Manufacturer_Serial_Number = $_POST['Manufacturer_Serial_Number']; $NCMR_ID = $_POST['NCMR_ID']; $Nonconformity = $_POST['Nonconformity']; $Disposition = $_POST['Disposition']; $Comments = $_POST['Comments']; $CommentsAdditional_Details = $_POST['CommentsAdditional_Details']; $PO = $_POST['PO']; $PO_Date = $_POST['PO_Date']; $Date_Received = $_POST['Date_Received']; $dbc = mysqli_connect('localhost', 'pawz_pawz_PDI', 'pawztest', 'ncmrtest') or die('Error connecting to MySQL server.'); $query = "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, " . "Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name " . "Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity " . "Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received)". "VALUES ('Peter Reigler', '7\/7\/2011', 'K11205368', '1', 'Assy, CMM Module w\/window & cover', " . "'$2', 'I8778', '164', '', '0', '0', 'Plastic Design Inc', '$100255', 'K11205386', 'N\/A', '1054', " . "'Not made to print, missing 2 proximity sensor mounting brackets, These need to be welded in place', " . "'Return to vendor for rework, or have vendor come in and rework on site, '', '', '', '', '')"; $result = mysqli_query($dbc, $query) or die('Error querying database.'); mysqli_close($dbc); echo 'Thanks for submitting the form.<br />'; ?> </body> </html> PHP:
Ok, this is what I have now... I am getting all the way through the code, till I hit $result = mysqli_query($dbc, $query) or die('Error querying database.'); PHP: Then it dies... I've corrected everything I think, is this on my end or on the end of the server where it is hosted? <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PDI Non-Conforming Materials Report </title> </head> <body> <h2>PDI Non-Conforming Materials Report</h2> <?php $Added_By = $_POST['Added_By']; $Added_By_Date = $_POST['Added_By_Date']; $Nexx_Part = $_POST['Nexx_Part']; $Nexx_Rev = $_POST['Nexx_Rev']; $Nexx_Part_Description = $_POST['Nexx_Part_Description']; $NCMR_Qty = $_POST['NCMR_Qty']; $JO = $_POST['JO']; $SN = $_POST['SN']; $INV = $_POST['INV']; $Nexx_Inventory_On_Hand = $_POST['Nexx_Inventory_On_Hand']; $Nexx_Inventory_Chk = $_POST['Nexx_Inventory_Chk']; $Supplier_Name = $_POST['Supplier_Name']; $Supplier_Number = $_POST['Supplier_Number']; $Manufacturer_Part_Number = $_POST['Manufacturer_Part_Number']; $Manufacturer_Serial_Number = $_POST['Manufacturer_Serial_Number']; $NCMR_ID = $_POST['NCMR_ID']; $Nonconformity = $_POST['Nonconformity']; $Disposition = $_POST['Disposition']; $Comments = $_POST['Comments']; $CommentsAdditional_Details = $_POST['CommentsAdditional_Details']; $PO = $_POST['PO']; $PO_Date = $_POST['PO_Date']; $Date_Received = $_POST['Date_Received']; $dbc = mysqli_connect('localhost', 'xxxxx', 'xxxxx', 'xxxxx') or die('Error connecting to MySQL server.'); $query = "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, " . "Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name " . "Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity " . "Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received)" . "Values = ('$Added_By', '$Added_By_Date', '$Nexx_Part', '$Nexx_Rev', '$Nexx_Part_Description'," . "'$NCMR_Qty', '$JO', '$SN', '$INV', '$Nexx_Inventory_On_Hand', '$Nexx_Inventory_Chk', '$Supplier_Name'" . "'$Supplier_Number', '$Manufacturer_Part_Number', '$Manufacturer_Serial_Number', '$NCMR_ID'," . "'$Nonconformity','$Disposition','$Comments', $CommentsAdditional_Details' '$PO, '$PO_Date'," . "'$Date_Received')"; $result = mysqli_query($dbc, $query) or die('Error querying database.'); mysqli_close($dbc); echo 'Thanks for submitting the form.<br />'; ?> </body> </html> PHP:
What do you mean when you say it dies? The code passes php syntax check. What form of error are you getting? Are you sure the server has mysqli installed and enabled? Check output of phpinfo() for mysqli block. Also, and I'm not sure if this matters, take the = out of this line: "Values = ('$Added_By', '$Added_By_Date', '$Nexx_Part', '$Nexx_Rev', '$Nexx_Part_Description'," .
I am now getting this after taking out the = and cleaning up the code again to work the way it is meant to: Parse error: syntax error, unexpected T_VARIABLE in /home/pawz/public_html/kaboomlabs.com/PDI/database.php on line 51 this is line 51... $result = mysqli_query($dbc, $query) Code (markup):
Its not standard MySQL syntax. http://dev.mysql.com/doc/refman/5.6/en/insert.html INSERT INTO tbl_name (a,b,c) VALUES(1,2,3),(4,5,6),(7,8,9); Code (markup):
Here you go. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PDI Non-Conforming Materials Report </title> </head> <body> <h2>PDI Non-Conforming Materials Report</h2> <?php $Added_By = $_POST['Added_By']; $Added_By_Date = $_POST['Added_By_Date']; $Nexx_Part = $_POST['Nexx_Part']; $Nexx_Rev = $_POST['Nexx_Rev']; $Nexx_Part_Description = $_POST['Nexx_Part_Description']; $NCMR_Qty = $_POST['NCMR_Qty']; $JO = $_POST['JO']; $SN = $_POST['SN']; $INV = $_POST['INV']; $Nexx_Inventory_On_Hand = $_POST['Nexx_Inventory_On_Hand']; $Nexx_Inventory_Chk = $_POST['Nexx_Inventory_Chk']; $Supplier_Name = $_POST['Supplier_Name']; $Supplier_Number = $_POST['Supplier_Number']; $Manufacturer_Part_Number = $_POST['Manufacturer_Part_Number']; $Manufacturer_Serial_Number = $_POST['Manufacturer_Serial_Number']; $NCMR_ID = $_POST['NCMR_ID']; $Nonconformity = $_POST['Nonconformity']; $Disposition = $_POST['Disposition']; $Comments = $_POST['Comments']; $CommentsAdditional_Details = $_POST['CommentsAdditional_Details']; $PO = $_POST['PO']; $PO_Date = $_POST['PO_Date']; $Date_Received = $_POST['Date_Received']; $dbc = mysqli_connect('localhost', 'pawz_PDI', 'xxxxxx', 'pawz_PDI') or die('Error connecting to MySQL server.'); $query = "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, " . "Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name " . "Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity " . "Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received)" . "Values ('$Added_By', '$Added_By_Date', '$Nexx_Part', '$Nexx_Rev', '$Nexx_Part_Description'," . "'$NCMR_Qty', '$JO', '$SN', '$INV', '$Nexx_Inventory_On_Hand', '$Nexx_Inventory_Chk', '$Supplier_Name'," . "'$Supplier_Number', '$Manufacturer_Part_Number', '$Manufacturer_Serial_Number', '$NCMR_ID'," . "'$Nonconformity','$Disposition','$Comments', $CommentsAdditional_Details' '$PO, '$PO_Date'," . "'$Date_Received');" $result = mysqli_query($dbc, $query) or die('Error querying database.'); mysqli_close($dbc); echo 'Thanks for submitting the form. The information has been entered and will be reviewed by the correct personnel.<br />'; ?> </body> </html> PHP:
Matt, One more thing you should be aware of. And maybe I'm jumping the gun, if you're following a book tutorial, perhaps they will get into this. You should sanitize your input to avoid SQL injection attacks. See this page for a much better explanation than I could ever give. http://php.net/manual/en/security.database.sql-injection.php
Ok, fixed... $query = "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, " . "Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name " . "Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity " . "Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received)" . "Values ('$Added_By', '$Added_By_Date', '$Nexx_Part', '$Nexx_Rev', '$Nexx_Part_Description'," . "'$NCMR_Qty', '$JO', '$SN', '$INV', '$Nexx_Inventory_On_Hand', '$Nexx_Inventory_Chk', '$Supplier_Name'," . "'$Supplier_Number', '$Manufacturer_Part_Number', '$Manufacturer_Serial_Number', '$NCMR_ID'," . "'$Nonconformity','$Disposition','$Comments', $CommentsAdditional_Details' '$PO, '$PO_Date'," . "'$Date_Received')"; PHP: I am still getting this error. Which is about as descriptive and as useful as a hole in the head. As for your part about the sanitation, I will be looking into that later, I am sure the book will tell me about it, but thanks for the heads up it is good to know.
Instead of: $result = mysqli_query($dbc, $query) or die('Error querying database.'); Code (markup): Use this: if (!$result = mysqli_query($dbc, $query)) { printf("Error message: %s\n", mysqli_error($dbc)); } Code (markup): See if that gets you better output.
Here is the error message I get. Error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''', '10/21/11', '')' at line 3 Thanks for submitting the form. The information has been entered and will be reviewed by the correct personnel.
Ah, there's the problem. Dates need to be input like this: '2011-10-21' Your date entry will only work if the date column is set to type "text" instead of type "date". You can also use the PHP function that parses dates. Change: $Added_By_Date = $_POST['Added_By_Date']; Code (markup): to: $Added_By_Date = date('Y-m-d',strtotime($_POST['Added_By_Date'])); Code (markup): Apply the same fix to the other lines that handle date columns.
Ok, here is the new code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PDI Non-Conforming Materials Report </title> </head> <body> <h2>PDI Non-Conforming Materials Report</h2> <?php $Added_By = $_POST['Added_By']; $Added_By_Date = date('Y-m-d',strtotime($_POST['Added_By_Date'])); $Nexx_Part = $_POST['Nexx_Part']; $Nexx_Rev = $_POST['Nexx_Rev']; $Nexx_Part_Description = $_POST['Nexx_Part_Description']; $NCMR_Qty = $_POST['NCMR_Qty']; $JO = $_POST['JO']; $SN = $_POST['SN']; $INV = $_POST['INV']; $Nexx_Inventory_On_Hand = $_POST['Nexx_Inventory_On_Hand']; $Nexx_Inventory_Chk = $_POST['Nexx_Inventory_Chk']; $Supplier_Name = $_POST['Supplier_Name']; $Supplier_Number = $_POST['Supplier_Number']; $Manufacturer_Part_Number = $_POST['Manufacturer_Part_Number']; $Manufacturer_Serial_Number = $_POST['Manufacturer_Serial_Number']; $NCMR_ID = $_POST['NCMR_ID']; $Nonconformity = $_POST['Nonconformity']; $Disposition = $_POST['Disposition']; $Comments = $_POST['Comments']; $CommentsAdditional_Details = $_POST['CommentsAdditional_Details']; $PO = $_POST['PO']; $PO_Date = date('Y-m-d',strtotime($_POST['PO_Date'])); $Date_Received = date('Y-m-d',strtotime($_POST['Date_Received'])); $dbc = mysqli_connect('localhost', 'pawz_PDI', 'pdi1234', 'pawz_PDI') or die('Error connecting to MySQL server.'); $query= "INSERT INTO ncmrtest (Added_By, Added_By_Date, Nexx_Part, Nexx_Rev, Nexx_Part_Description, NCMR_Qty, JO, SN, INV, Nexx_Inventory_On_Hand, Nexx_Inventory_Chk, Supplier_Name, Supplier_Number, Manufacturer_Part_Number, Manufacturer_Serial_Number, NCMR_ID, Nonconformity, Disposition, Comments, CommentsAdditional_Details, PO, PO_Date, Date_Received) values('$Added_By', '$Added_By_Date', '$Nexx_Part', '$Nexx_Rev', '$Nexx_Part_Description', '$NCMR_Qty', '$JO', '$SN', '$INV', '$Nexx_Inventory_On_Hand', '$Nexx_Inventory_Chk', '$Supplier_Name', '$Supplier_Number', '$Manufacturer_Part_Number', '$Manufacturer_Serial_Number', '$NCMR_ID', '$Nonconformity', '$Disposition', '$Comments', '$CommentsAdditional_Details', $PO'', '$PO_Date', '$Date_Received')"; if (!$result = mysqli_query($dbc, $query)) { printf("Error message: %s\n", mysqli_error($dbc)); } mysqli_close($dbc); echo 'Thanks for submitting the form. The information has been entered and will be reviewed by the correct personnel.<br />'; ?> </body> </html> Code (markup): I get this back... Also, the SQL Database where the dates are, already are slotted as date... so they don't allow text into them. As far as I know that is.
Does the form have a "Date_Received" field? Looks like that information wasn't submitted. Also, the last line of your query, check the single quotes around $PO, they are not correct.