Colourtheory

I give up, it's just not working.. Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, maker) VALUES (hi,hi,1)' at line 1 Sucks, I worked so hard on this website.

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/u705429760/public_html/newdiscussion.php on line 35

This is the new version <?php include('themesys.php') ?> <br><Br><div class="bbox"> <center> <?php session_start(); if (isset($_SESSION['user_id'])){ $con = mysql_connect("mystuff","mystuff","mypw");if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("mydb", $con); $id = $_SESSION['user_id']; $sql="INSERT INTO discussions (name, desc, maker)VALUES($_POST['namevalue'],$_POST['descvalue'],'$id')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); }echo "Discussion started!"; mysql_close($con); }else{header('Location: login.php');}?> </div></body>

Yeah, this is really upsetting because this is one of the main parts of the website, and something so small is ruining it.

This is so consfusing.. the script came off of a w3 example. I just edited it.

Let me check.. Also, a few variables have the same name could this be causing the problem?

<?php session_start(); require_once 'db.php';if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("u705429760_main", $con); $id = $_SESSION['user_id']; $sql="INSERT INTO discussions (name, desc, maker)VALUES('$_POST[name]', '$_POST[desc]', $id)"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); }echo "Discussion started!"; mysql_close($con);?>

Maybe there is a problem with the PHP part..

The second one turns out to be the exact same as the first error

It whites out the entire page and says Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/u705429760/public_html/newdiscussion.php on line 23

Doesn't work either

You might want to block a browser that's not supported by your product.

I've tried everything I can think of, any idea what's wrong? $sql="INSERT INTO discussions (name, desc, maker)VALUES('$_POST[name]', '$_POST[desc]', '$id')"; Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc, maker) VALUES ('yo', 'yolo', '1')' at line 1

Maybe I should start over.. I think this script needs to be scrapped.

So I've been warned a few times about this, and I was wondering, how do I stop/prevent them? What methods are dangerous?