MySQL insert errors

Question

It's pretty much one of my first times working with MYSQL, and I can't seem to fix this one error I keep getting. I'm trying to store data to a table which has an auto_increment on its id (first column). The error I keep getting is this:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'voorletters ='asd', tussenvoegsel ='', achternaam ='', roepnaam ='', adres ='', ' at line 1"

I just filled the textboxes with a little bit of rubish, there are no columns that require data either. Here is the code I use:

if(isset($_POST['save']))
{   
    $voorletters = $_POST['voorletters'];
    $tussenvoegsel = $_POST['tussenvoegsel'];
    $achternaam = $_POST['achternaam'];
    $roepnaam = $_POST['roepnaam'];
    $adres = $_POST['adres'];
    $postcode = $_POST['postcode'];
    $plaats = $_POST['plaats'];
    $geslacht = $_POST['geslacht'];
    $emailadres = $_POST['emailadres'];
    $telefoonnummer = $_POST['telefoonnummer'];
    $mobielenummer = $_POST['mobielenummer'];
    $geboortedatum = $_POST['geboortedatum'];
    $bsn = $_POST['bsn'];

    mysql_query("INSERT INTO `naw` "
            . "voorletters ='$voorletters', "
            . "tussenvoegsel ='$tussenvoegsel', "
            . "achternaam ='$achternaam', "
            . "roepnaam ='$roepnaam', "
            . "adres ='$adres', "
            . "postcode ='$postcode', "
            . "plaats ='$plaats', "
            . "geslacht ='$geslacht', "
            . "emailadres ='$emailadres', "
            . "telefoonnummer ='$telefoonnummer', "
            . "mobielenummer ='$mobielenummer', "
            . "geboortedatum ='$geboortedatum', "
            . "bsn ='$bsn' "
            . "WHERE id = '$id'")
            or die(mysql_error());

If this isn't enough information, please tell me. I've tried a lot of things, but I can't seem to figure it out.

RTM's http://dev.mysql.com/doc/refman/5.7/en/insert.html and http://dev.mysql.com/doc/refman/5.7/en/update.html — Funk Forty Niner, Jan 12 '16 at 14:11
INSERT doesn't use a WHERE. Either delete the where or change your command to UPDATE — Victoria S., Jan 12 '16 at 14:11
[Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Jay Blanchard, Jan 12 '16 at 14:13
Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Jan 12 '16 at 14:13
@JayBlanchard I'm just starting with MySQL and I have troubles with learning new things, it doesn't really seem that simple to me ;p. But I will look into it, thanks. — Yuki Kutsuya, Jan 12 '16 at 14:16
You'll get there @SapphireFox...we all started just like you! — Jay Blanchard, Jan 12 '16 at 14:18

score 5 · Accepted Answer · answered Jan 12 '16 at 14:11

5

You mix up insert and update syntax. Replace

INSERT INTO `naw` voorletters ='$voorletters'...

with

UPDATE `naw` set voorletters ='$voorletters'....

And you should really use Prepared Statements to avoid syntax errors and SQL injections due to user input.

answered Jan 12 '16 at 14:11

juergen d

201,996
37
293
362

1

Actually MySQL does have an `INSERT ... SET` syntax—the OP is just missing the keyword `SET`. – eggyal Jan 12 '16 at 14:13
Thanks! the 'set' fixed it for me ^-^ – Yuki Kutsuya Jan 12 '16 at 14:15

tisuchi · Answer 2 · 2016-01-12T14:18:27.150

0

Just use following code. Make sure that you are inserting data for every field sequentially-

mysql_query("INSERT INTO `naw` VALUES(
            '".$voorletters."',
            '".$tussenvoegsel."',
            '".$achternaam."',
            '".$roepnaam."',
            '".$adres."',
            '".$postcode."',
            '".$plaats."',
            '".$geslacht."',
            '".$emailadres."',
            '".$telefoonnummer."',
            '".$mobielenummer."',
            '".$geboortedatum."',
            '".$bsn."')")
            or die(mysql_error());

edited Jan 12 '16 at 14:18

answered Jan 12 '16 at 14:15

tisuchi

129
2
11

Insert does not have a `WHERE` clause – genespos Jan 12 '16 at 14:18

score 0 · Answer 3 · answered Jan 12 '16 at 14:16

0

You have a wrong syntax

The INSERT syntax is

INSERT INTO `YourTableName`(`Field1`, `Field2`, `Field3`, `Field4)
VALUES ('value-1','value-2','value-3','value-4')

The UPDATE syntax is

UPDATE `YourTableName` 
SET `Field1`='value-1',`Field2`='value-2',`Field3`='value-3',`Field4`='value-4'
WHERE YourConditions

answered Jan 12 '16 at 14:16

genespos

3,211
6
38
70

Actually MySQL does have an `INSERT ... SET` syntax—the OP is just missing the keyword `SET`. – eggyal Jan 12 '16 at 14:16

Remi Hirtz · Answer 4 · 2016-01-12T14:34:36.217

0

You should remove the `` around naw, it's ok in phpmyadmin but quite messy almost every where else. And you souldn't concatenate every line, do it in one "..." and use backspace to make it more readable.

So:

mysql_query("INSERT INTO naw
            VALUES('$voorletters', 
                    '$tussenvoegsel',
                    ... ,
                     WHERE id = '$id'");//you can't do that, maybe you should use an UPDATE

edited Jan 12 '16 at 14:34

answered Jan 12 '16 at 14:22

Remi Hirtz

134
3
16

Will it still work the same as now without the quotes? – Yuki Kutsuya Jan 12 '16 at 14:24

MySQL insert errors

4 Answers4