7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

help with this code

by Ebbam
6 replies
I am trying to insert data into my data base using:
76: $sql = "INSERT INTO client (`name`,`email`,`address`,`userid`,`password`) VALUES('$name','$email','$address','$userid', '$password' )";


but I am getting this syntax error when I view it through browser:

Parse error: syntax error, unexpected T_VARIABLE, expecting ']' in /home/getyourn/public_html/signup.php on line 76


Pls what is the matter with the insert statement or is there other hidden problem?
Thanks.
#code
  • Profile picture of the author Nochek
    Do you really think $pas sword is a good variable name?
    Signature
    Nochek Solutions Presents:
    The Hydrurga WSO - Rank Your Site #1 And Score Over The Penguin Updates!
    {{ DiscussionBoard.errors[5588980].message }}
    • Profile picture of the author K Meier
      Originally Posted by Nochek View Post

      Do you really think sword is a good variable name?
      Since when does the name of a PHP variable matter (unless it's reserved)? It's not like it's exposed to the public eye.
      {{ DiscussionBoard.errors[5598564].message }}
      • Profile picture of the author Nochek
        Originally Posted by K Meier View Post

        Since when does the name of a PHP variable matter (unless it's reserved)? It's not like it's exposed to the public eye.
        You might have missed the space in his original post and my reply. Making a variable '$pas sword' instead of '$password' is asking for serious trouble, especially considering the naming conventions previously followed by the other variables. And thats not even touching on the non-usage of a $clean_ or $sqled_ caveat to signify that before its stashed into the database it hasn't been filled with malicious (and fun!) code that turns your website into an Anon-hacking bot.

        Just because the public isn't supposed to see PHP doesn't mean they can't interact with it.
        Signature
        Nochek Solutions Presents:
        The Hydrurga WSO - Rank Your Site #1 And Score Over The Penguin Updates!
        {{ DiscussionBoard.errors[5600134].message }}
        • Profile picture of the author K Meier
          Originally Posted by Nochek View Post


          Just because the public isn't supposed to see PHP doesn't mean they can't interact with it.
          Yes, didn't see the $pas sword $password thingy.
          But it doesn't make it more secure if the variable containing the password is called $xys5n5iw instead of $password, as it's hopefully hashed and escaped anyways.
          {{ DiscussionBoard.errors[5600226].message }}
  • Profile picture of the author t9web
    try:

    $sql = "INSERT INTO client ('name','email','address','userid','password') VALUES ('$name','$email','$address','$userid','$password' )";
    {{ DiscussionBoard.errors[5589146].message }}
  • Profile picture of the author ussher
    it means you forgot to end line 75 with a semicolon

    bet line 75 looks something like this:
    $variable = 'something'

    when it should look like
    $variable = 'something';
    Signature

    "Jamroom is a Profile Centric CMS system suitable as a development framework for building entire communities. Highly modular in concept. Suitable for enterprise level development teams or solo freelancers."

    - jamroom.net
    Download Jamroom free: Download
    {{ DiscussionBoard.errors[5598743].message }}

Trending Topics