0

I keep getting unexpected ";". I cannot figure out what the problem is. If anyone has any suggestions I would greatly appreciate it.

send_post.php

<?php
//Create connect
$connect = mysqli_connect("localhost","tasks","tasks15!","tasks");
//Sending form data to sql db.
mysqli_query ($connect,"INSERT INTO tasks (CompanyName, ContactName,  Address1, Address2, City, State, Zip, Phone1, Phone2, Fax1)
VALUES ('$_POST[tasks_CompanyName]', '$_POST[tasks_ContactName]',     '$_POST[tasks_Address1]', '$_POST[tasks_Address2]' ,'$_POST[tasks_City]','$_POST[tasks_State],'$_POST[tasks_Zip]', '$_POST[tasks_Phone1]','$_POST[tasks_Phone2]','$_POST[tasks_Fax1]');"

?>

index.html

<form action="send_post.php" method="post">
<h1>Customer Information</h1>

<h3>Company Name</h3> <input type="text" name="tasks_CompanyName"> <br>
<h2>Customer Name</h2><h3>First Name</h3> <input type="text" name="tasks_fname"><br>
<h3> Last Name</h3><input type="text" name="tasks_lname"><br>
<h3> Address 1 </h3>  <input type="text" name="tasks_Address1"><br>

<h3> Address 2</h3>   <input type="text" name="tasks_Address2"><br>

<h3>City</h3><input type="text" name="tasks_City"><br>

<h3>State</h3> <input type="text" name="tasks_State"><br>

<h3>Zip</h3>    <input type="text" name="tasks_Zip"><br>

<h3>Phone 1</h3><input type="text" name="tasks_Phone1"><br>

<h3>Phone 2</h3> <input type="text" name="tasks_Phone2"><br>

<h3>Fax 1</h3>     <input type="text" name="tasks_Fax1"><br>


<input type="submit">
</form>
Adam Blasingame
  • 1

2 Answers2

1
mysqli_query ($connect,"INSERT INTO tasks (CompanyName, ContactName,  Address1, Address2, City, State, Zip, Phone1, Phone2, Fax1)
VALUES ('$_POST[tasks_CompanyName]', '$_POST[tasks_ContactName]',     '$_POST[tasks_Address1]', '$_POST[tasks_Address2]' ,'$_POST[tasks_City]','$_POST[tasks_State],'$_POST[tasks_Zip]', '$_POST[tasks_Phone1]','$_POST[tasks_Phone2]','$_POST[tasks_Fax1]');"

There are a few errors in this line. $_POST is an array, and as such you must access the value using the name of the key - such as $_POST["tasks_Address1"] rather than $_POST[tasks_Address1].

You've also got the semicolon on the inside of the quotes at the end of the line: '$_POST[tasks_Fax1]');". You'll want to put this semicolon on the outside: '$_POST[tasks_Fax1]')";.

Your SQL is also potentially subject to SQL injection. Have a read of some resources such as How can I prevent SQL injection in PHP for some ideas on how to make your code safe from malicious input.

Community
  • 1
  • 1
Matt Davis
  • 470
  • 5
  • 16
  • i think the semicolon at the end can stay (since it ends the sql statement), but addidional semicolon should be put at the end of the line to end php statement – flynorc Feb 21 '17 at 23:27
  • @flynorc you're right; you can have one at the end of the SQL statement but it's not required – Matt Davis Feb 21 '17 at 23:28
0

You may try adding ");" missing at the end of your mysqli_query line.

send_post.php:5

<?php
mysqli_query ($connect,"INSERT INTO tasks
  (CompanyName, ContactName, Address1, 
   Address2, City, State, Zip, Phone1,
   Phone2, Fax1)
VALUES
  ('$_POST[tasks_CompanyName]', '$_POST[tasks_ContactName]',
   '$_POST[tasks_Address1]',    '$_POST[tasks_Address2]',
   '$_POST[tasks_City]',        '$_POST[tasks_State],
   '$_POST[tasks_Zip]',     '$_POST[tasks_Phone1]',   
   '$_POST[tasks_Phone2]',  '$_POST[tasks_Fax1]'
  );");
?>

Note that it's dangerous to record POST data w/o verification as it may lead to XSS and SQL injection hacks.

TeddyScalp'
  • 1
  • 1