Viper114 Posted April 23, 2012 Share Posted April 23, 2012 Our website decided to start having issues recently. When people placed an order, it says that there was an error placing it. I checked things and I believe it's at the code, but it's strange because it's not like the code changed somehow. I got the following MySQL error when I decided to show the errors on the page stating it can't put in an order:"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"","")' at line 2"I'm not quite certain what line it's referring to, but here's the coding in question where it seems to be failing:if($submitbtn=="Submit"){// Add to Order Database $resultID=mysql_query("insert into cart_order (bid,uid,shid,ccname,cctype,ccexp,ccnumber,subtotal,shipping_fees,pst,gst,odate,sesid,currencyid,notes,discount,discount_description,cvv) values ($bid,$uid,$shid,\"$ccname\",\"$cctype\",\"$ccmonth/$ccyear\",\"$ccnumber\",$subtotal,$shippingfee,$pst,$gst,NOW()-40000,\"$sesid\",".$_COOKIE["currency"].",\"$notes\",$discount,\"$discount_description\",\"$cvv\")",$linkID); if($resultID==true) { Print "Order Saved"; }else{ Print "Error saving your Order"; echo mysql_error(); }}Everything else can be done properly on the website, so I don't think permissions are an issue. I just can't seem to quite see what the issue is. Any ideas? Link to comment Share on other sites More sharing options...
dsonesuk Posted April 23, 2012 Share Posted April 23, 2012 you don't require the escaping slash or quotes try (yes for date value) values ($bid,$uid,$shid,$ccname,$cctype,$ccmonth."/".$ccyear,$ccnumber,$subtotal,$shippingfee,$pst,$gst,NOW()-40000,$sesid,$_COOKIE["currency"],$notes,$discount,$discount_description,$cvv)",$linkID); if that does not work try single quotes values ('$bid','$uid','$shid','$ccname','$cctype','$ccmonth.'/'.$ccyear','$ccnumber','$subtotal','$shippingfee','$pst,$gst','NOW()-40000','$sesid','$_COOKIE["currency"]','$notes','$discount','$discount_description','$cvv')",$linkID); Link to comment Share on other sites More sharing options...
Viper114 Posted April 23, 2012 Author Share Posted April 23, 2012 When I do that, it gives me:Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /cart_reciept.php on line 44The second line gives me:Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /cart_reciept.php on line 44 Link to comment Share on other sites More sharing options...
Viper114 Posted April 23, 2012 Author Share Posted April 23, 2012 OH, I got it! I took the original line you told me to change but put single quotes around all those that lacked any, like bid, uid and shid. So now it's all working properly again. Thanks for the help with this! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.