Jump to content

You have an error in your SQL syntax


Viper114
 Share

Recommended Posts

Our website decided to start having issues recently.  When people placed an order, it says that there was an error placing it.  I checked things and I believe it's at the code, but it's strange because it's not like the code changed somehow.  I got the following MySQL error when I decided to show the errors on the page stating it can't put in an order:"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"","")' at line 2"I'm not quite certain what line it's referring to, but here's the coding in question where it seems to be failing:if($submitbtn=="Submit"){// Add to Order Database        $resultID=mysql_query("insert into cart_order (bid,uid,shid,ccname,cctype,ccexp,ccnumber,subtotal,shipping_fees,pst,gst,odate,sesid,currencyid,notes,discount,discount_description,cvv)     values ($bid,$uid,$shid,\"$ccname\",\"$cctype\",\"$ccmonth/$ccyear\",\"$ccnumber\",$subtotal,$shippingfee,$pst,$gst,NOW()-40000,\"$sesid\",".$_COOKIE["currency"].",\"$notes\",$discount,\"$discount_description\",\"$cvv\")",$linkID);    if($resultID==true)     {        Print "Order Saved";    }else{    Print "Error saving your Order";    echo mysql_error();    }}Everything else can be done properly on the website, so I don't think permissions are an issue.  I just can't seem to quite see what the issue is.  Any ideas?

Link to comment
Share on other sites

you don't require the escaping slash or quotes try (yes for date value) values ($bid,$uid,$shid,$ccname,$cctype,$ccmonth."/".$ccyear,$ccnumber,$subtotal,$shippingfee,$pst,$gst,NOW()-40000,$sesid,$_COOKIE["currency"],$notes,$discount,$discount_description,$cvv)",$linkID); if that does not work try single quotes values ('$bid','$uid','$shid','$ccname','$cctype','$ccmonth.'/'.$ccyear','$ccnumber','$subtotal','$shippingfee','$pst,$gst','NOW()-40000','$sesid','$_COOKIE["currency"]','$notes','$discount','$discount_description','$cvv')",$linkID);

Edited by dsonesuk
Link to comment
Share on other sites

When I do that, it gives me:Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /cart_reciept.php on line 44The second line gives me:Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /cart_reciept.php on line 44

Edited by Viper114
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...