0

This is my code. I keep getting a 500 internal server error when trying to parse it, its loaded after the form is completed and the button is pressed all information is sent to it by POST, I have no idea whats causing this. I'm kinda newish to php. 

define('DB_NAME', 'reboot');
define('DB_USER', 'root');
define('DB_PASSWORD', 'root');
define('DB_HOST', 'localhost');



$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD,DB_NAME);

$value = $_POST['user_uploaded_files'];
$value = $_POST['Developer?'];
$value = $_POST['size'];
$value = $_POST['Email'];
$value = $_POST['url'];
$value = $_POST['title']

{  mysql_query($sql)  = "INSERT INTO links (user_uploaded_files,                  
developer_status, size, Email 
url,title) VALUES ('$value', '$value2',
'$value3', '$value4', '$value5', '$value6')";

mysql_close();}

?>
ozzie
  • 3
  • 1
  • 1
  • 5
  • 2
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Sep 18 '15 at 18:55
  • 1
    If you can, you should [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) [statements](http://php.net/manual/en/pdo.prepared-statements.php) instead, and consider using PDO, [it's really not hard](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Sep 18 '15 at 18:55
  • 1
    You have a number of syntax errors you need to correct. You have curly brackets where you don't need them, you're overwriting `$value` several times. There are other problems. You may want to go take a basic online PHP course before you go any further. – Jay Blanchard Sep 18 '15 at 18:56
  • You should start debugging with error reporting. http://php.net/manual/en/function.error-reporting.php – chris85 Sep 18 '15 at 19:00
  • @chris85 That function won't work if there's a syntax error, since nothing in the script runs. He needs to check the PHP error log. – Barmar Sep 18 '15 at 19:13

1 Answers1

1

The line with 'Developer?' I hope that input has name="Developer?" as an attribute.

As well, you've set the variable $value a few times. That gets overwritten every time you set it. So $value ends up being set to $_POST['title'] which I'm sure isn't what you wanted. Looks like your SQL query is looking for $value, $value2, etc. But those don't exist yet.

After $_POST['title'], you're missing a semicolon.

Moving on, the next line starts with just a {. The curly braces are used for control structures, you cant just wrap code in them.

What you most likely wanted was

$sql = "INSERT INTO...";

if (mysql_query($sql, $link)) { ...

Check out the docs on mysql_query to see how to correctly use it.

However, you shouldn't even be using the old mysql_* functions, they're old and shouldn't be used anymore.

When you get a 500 error, something is usually written to a log file somewhere. You should find it and check it often when this happens.

You may want to go looking for some beginner PHP tutorials to familiarize yourself with the general syntax and how basic things work.

Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
castis
  • 8,154
  • 4
  • 41
  • 63
  • Way more than a missing semi-colon and unnecessary curly brackets. – Jay Blanchard Sep 18 '15 at 18:59
  • Yeah I just glanced at it to start, I tried to point out everything I saw in the question through numerous edits. May not have been enough though :/ – castis Sep 18 '15 at 19:08