Reply to thread

Message

I made a form in PHP to send data to a MySQL database but I'm getting this error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'to,from,subject,message) VALUES ('', '', 'a', 'a')' at line 1

Here's the form page..

<?
ob_start ();
?>
<?
include("../session.php");
?>
<html>
<head>
<title>Send Message - KingPS3.com</title>
<link href="../style.css" rel="stylesheet" type="text/css" />
</head>
<body bgcolor="black">
<form action="mailpro.php" method="POST" name="SendMessage">

<input type="hidden" name="from" value="<?php echo "$session->username";?>"> 
To:
<input type="text" size="15pt" name="to" value=""> 
Subject:
<input type="text" size="15pt" name="subject" value=""> 
Message: 
<textarea style="align: center" name="message" cols="38" rows="5" value=""></textarea> 
<input value="Send" name="Submit" type="submit" /></form>
</body>
</html>

And then the page where form data is sent (to be put in a MYSQL database)..

<?php include('../session.php');?>
<?php
$con = mysql_connect("localhost","kingps3","**");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("kingps3", $con);

$from=mysql_real_escape_string($_POST['from']);
$to=mysql_real_escape_string($_POST['to']);
$subject=mysql_real_escape_string($_POST['subject']);
$message=mysql_real_escape_string($_POST['message']);

$sql="INSERT INTO mail (to,from,subject,message) VALUES ('$name', '$article', '$subject', '$message')";
if (!mysql_query($sql,$con)) {
die('Error: ' . mysql_error());
}
mysql_close($con);

header("Location: outbox.php");

?>

Any help? Immediate 10pts for best answer!

<blockquote data-quote="skinnypspplayer" data-source="post: 189113">I made a form in PHP to send data to a MySQL database but I&#039;m getting this error:Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near &#039;to,from,subject,message) VALUES (&#039;&#039;, &#039;&#039;, &#039;a&#039;, &#039;a&#039;)&#039; at line 1Here&#039;s the form page..&lt;?ob_start ();?&gt;&lt;?include(&quot;../session.php&quot;);?&gt;&lt;html&gt;&lt;head&gt;&lt;title&gt;Send Message - KingPS3.com&lt;/title&gt;&lt;link href=&quot;../style.css&quot; rel=&quot;stylesheet&quot; type=&quot;text/css&quot; /&gt;&lt;/head&gt;&lt;body bgcolor=&quot;black&quot;&gt;&lt;form action=&quot;mailpro.php&quot; method=&quot;POST&quot; name=&quot;SendMessage&quot;&gt; &lt;p&gt;&nbsp; &lt;input type=&quot;hidden&quot; name=&quot;from&quot; value=&quot;&lt;?php echo &quot;$session-&gt;username&quot;;?&gt;&quot;&gt;&lt;br&gt;&lt;br&gt;To: &nbsp; &lt;input type=&quot;text&quot; size=&quot;15pt&quot; name=&quot;to&quot; value=&quot;&quot;&gt;&lt;br&gt;&lt;br&gt;Subject: &nbsp; &lt;input type=&quot;text&quot; size=&quot;15pt&quot; name=&quot;subject&quot; value=&quot;&quot;&gt;&lt;br&gt;&lt;br&gt;Message:&lt;br&gt;&nbsp; &lt;textarea style=&quot;align: center&quot; name=&quot;message&quot; cols=&quot;38&quot; rows=&quot;5&quot; value=&quot;&quot;&gt;&lt;/textarea&gt;&lt;br&gt;&lt;br&gt;&lt;/p&gt;&lt;input value=&quot;Send&quot; name=&quot;Submit&quot; type=&quot;submit&quot; /&gt;&lt;/form&gt;&lt;/body&gt;&lt;/html&gt;And then the page where form data is sent (to be put in a MYSQL database)..&lt;?php include(&#039;../session.php&#039;);?&gt;&lt;?php$con = mysql_connect(&quot;localhost&quot;,&quot;kingps3&quot;,&quot;**&quot;);if (!$con) { die(&#039;Could not connect: &#039; . mysql_error()); } mysql_select_db(&quot;kingps3&quot;, $con);$from=mysql_real_escape_string($_POST[&#039;from&#039;]);$to=mysql_real_escape_string($_POST[&#039;to&#039;]);$subject=mysql_real_escape_string($_POST[&#039;subject&#039;]);$message=mysql_real_escape_string($_POST[&#039;message&#039;]);$sql=&quot;INSERT INTO mail (to,from,subject,message) VALUES (&#039;$name&#039;, &#039;$article&#039;, &#039;$subject&#039;, &#039;$message&#039;)&quot;;if (!mysql_query($sql,$con)) {&nbsp;die(&#039;Error: &#039; . mysql_error()); }mysql_close($con);&nbsp;&nbsp; header(&quot;Location: outbox.php&quot;);?&gt;Any help?&nbsp; Immediate 10pts for best answer!</blockquote>

[QUOTE="skinnypspplayer, post: 189113"] I made a form in PHP to send data to a MySQL database but I'm getting this error: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'to,from,subject,message) VALUES ('', '', 'a', 'a')' at line 1 Here's the form page.. <? ob_start (); ?> <? include("../session.php"); ?> <html> <head> <title>Send Message - KingPS3.com</title> <link href="../style.css" rel="stylesheet" type="text/css" /> </head> <body bgcolor="black"> <form action="mailpro.php" method="POST" name="SendMessage"> <input type="hidden" name="from" value="<?php echo "$session->username";?>"> To: <input type="text" size="15pt" name="to" value=""> Subject: <input type="text" size="15pt" name="subject" value=""> Message: <textarea style="align: center" name="message" cols="38" rows="5" value=""></textarea> <input value="Send" name="Submit" type="submit" /></form> </body> </html> And then the page where form data is sent (to be put in a MYSQL database).. <?php include('../session.php');?> <?php $con = mysql_connect("localhost","kingps3","**"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("kingps3", $con); $from=mysql_real_escape_string($_POST['from']); $to=mysql_real_escape_string($_POST['to']); $subject=mysql_real_escape_string($_POST['subject']); $message=mysql_real_escape_string($_POST['message']); $sql="INSERT INTO mail (to,from,subject,message) VALUES ('$name', '$article', '$subject', '$message')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } mysql_close($con); header("Location: outbox.php"); ?> Any help? Immediate 10pts for best answer! [/QUOTE]

Name

Verification