-1

So I am a newb to php & mysql. I keep getting this error each time I fill out a form that I created. When I check phpmyadmin to see if the information from the form has been added to the table, it's nowhere to be found. I found a similar question on here and their problem was fixed by running a query to turn the strict mode off of SQL. I tried to do so and it added an entry to the table but all the values in the entry were 0. Here's my php block:

<?php

    require('connect2.php');
    session_start();
    $username = $_SESSION['username'];


    //My queries will be here
    $bloodquery = mysql_query("SELECT * FROM `CodesBloodType` ORDER BY `BloodTypeText`");
    $donor_add = "INSERT INTO `Donor`(`DonorID`, `PersonID`, `DateRegistered`, `AgeRegistered`, `DonorPreRegistered`, `MedicalFacilityID`, `NationalLocalRegistry`, `NationalLocalRegistryID`, `Height`, `Weight`, `BloodTypeCode`, `OrganCriteriaID`, `LivingDonor`, `DirectedDonor`) VALUES ($donorid,$personid,$dateregistered,$ageregistered,$donorpreregistered,$medicalfacilityid,$nationallocalregistry,$nationallocalregistryid,$height,$weight,$bloodtypecode,$organcriteriaid,$livingdonor,$directeddonor)";




//Check to see if something is entered in my fields, if so then define variables


// Loop over field names, make sure each one exists and is not empty



$required = array('donorid', 'personid', 'dateregistered', 'ageregistered','medicalfacilityid','nationallocalregistry','nationallocalregistryid', 'height', 'weight','organcriteriaid');
$error = false;
$var = $_POST['submit'];
if($var){
foreach($required as $field) {
  if (empty($_POST[$field])) {
    $error = true;
    if ($error) {
    echo $field. ' is empty';
    ?> 
    <html><br></html>
    <?php
    }
}

  else{
    $error = false;

        }

}

 if(!$error){

    $donorid = $_POST['donorid'];
    $personid = $_POST['personid'];
    $dateregistered = $_POST['dateregistered'];
    $ageregistered = $_POST['ageregistered'];
    if(isset($_POST['donorpreregistered'])){
    $donorpreregistered = "1";}
    else{
        $donorpreregistered = "0";
    }
    $medicalfacilityid = $_POST['medicalfacilityid'];
    $nationallocalregistry = $_POST['nationallocalregistry'];
    $nationallocalregistryid = $_POST['nationallocalregistryid'];
    $height = $_POST['height'];
    $weight = $_POST['weight'];
    $bloodtypecode = $_POST['bloodtypec'];
    $organcriteriaid = $_POST['organcriteriaid'];
    if(isset($_POST['livingdonor']))
    {
        $livingdonor = "1";
    }
    else{
        $livingdonor = "0";
    }

    if(isset($_POST['directeddonor'])){
    $directeddonor = "1";}
    else{
        $directeddonor = "0";
    }




    $result = mysql_query($donor_add);
    if (!$result) {
    die('Invalid query: ' . mysql_error()); 
    //echo "Form Submitted Successfully";    

        }
    }

}   



?>

Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,,,,,,,,,,,)' at line 1

Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
Lauren
  • 23
  • 2
  • In the future always post the error message. Not all of us are mind readers. – John Conde Apr 16 '15 at 17:16
  • do you really need all those single quotes inside the INSERT statement? - just curious... – Saagar Elias Jacky Apr 16 '15 at 17:17
  • Will do. Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',,,,,,,,,,,,)' at line 1 – Lauren Apr 16 '15 at 17:22
  • Your values are obviously missing! How do you not see this? – John Conde Apr 16 '15 at 17:24
  • Please explain like I'm 5. I do not understand. – Lauren Apr 16 '15 at 17:26
  • Please, [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Apr 16 '15 at 17:28
  • See all of the commas next to each other in the error @Lauren? There should be a value between each one. – Jay Blanchard Apr 16 '15 at 17:29
  • You're treating PHP like it can time travel. You're executing your INSERT query **BEFORE** you defined any of the variables that hold the values you're trying to insert. – Marc B Apr 16 '15 at 17:29
  • @SaagarEliasJacky Those aren't single quotes, they're backticks; it's an [`identifier quote character`](https://dev.mysql.com/doc/refman/5.0/en/identifiers.html) in mysql to mark table and column names =] – newfurniturey Apr 16 '15 at 17:29
  • At the time the variable `$donor_add` is created, all the field variables to populate it from `$_POST` have not yet been given values. The `$donor_add = "INSERT...."` needs to be done after all the vars are populated, just before `mysql_query()`. – Michael Berkowski Apr 16 '15 at 17:29
  • `$donorid,$personid,$dateregistered,$ageregistered,$donorpreregistered,$medicalfacilityid,$nationallocalregistry,$nationallocalregistryid,$height,$weight,$bloodtypecode,$organcriteriaid,$livingdonor,$directeddonor` are not populated. You need to move your query a place in the code *after* the variables have been set. – Jay Blanchard Apr 16 '15 at 17:30
  • 1
    In addition to the feedback already given, you should be seeing notices/warnings in your development environment to alert you to the fact that variables are being read without being defined. If you don't see them, it is possible they are turned off in your PHP configuration. Try adding `error_reporting(-1);` at the start of your script temporarily (don't add this to live, but it is helpful during development). – halfer Apr 16 '15 at 17:36

1 Answers1

0

You don't need to use single quotes for any table or column name... mySQL may be recognizing them as an alias and doesn't recognize any table to execute the query. Your INSERT syntax is also wrong, you need to concatenate the values to your query String, the correct sintax to concat a value in PHP is using "." For example... "INSERT INTO myTable values (".$myValue.")" or "INSERT INTO myTable (column1, column2) values (".$value1.", ".$value2.")"

JP Vielma
  • 16
  • 2