You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to****
Hey guys, I'm trying to create a registration system for my website and I Encountered this problem.
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '10','test','Luz','Dennis',' +639474355212 ','lizabryxina@yahoo.com','long', ' at line 2"
How do I fix it? here's the code.
<?php
session_start();
include("connect.php");
$lastname = $_POST['txtlastname'];
$firstname = $_POST['txtfirstname'];
$middlename = $_POST['txtmiddlename'];
$address = $_POST['txtaddress'];
$bday = $_POST['txtbday'];
$nationality = $_POST['txtnationality'];
$cell = $_POST['txtcellno'];
$height = $_POST['txtheight'];
$agent = $_POST['txtagent'];
$mother = $_POST['txtmother'];
$email = $_POST['txtemail'];
$civilstat = $_POST['ddlcivilstat'];
$hair = $_POST['txthair'];
$complexion = $_POST['txtcomplexion'];
$weight = $_POST['txtweight'];
$vital = $_POST['txtvital'];
$father = $_POST['txtfather'];
$birthdate = $_POST['txtbday'];
$format_cell = "+639";
$r = mysql_query("select * from tbl_student_master where email='$email'") or die(mysql_error());
$count = mysql_num_rows($r);
if($count > 0)
{
echo("<script>alert('Username already exist')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if(strlen($cell) > 0)
{
$temp_cell = substr($cell,0,4);
if($temp_cell != $format_cell)
{
echo("<script>alert('Cellphone number format is incorrect')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
}
if($lastname=="")
{
echo("<script>alert('Last Name is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if($firstname=="")
{
echo("<script>alert('First Name is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if($address=="")
{
echo("<script>alert('Address is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if($vital=="")
{
echo("<script>alert('Vital Statistics is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if($birthdate=="")
{
echo("<script>alert('Birthdate is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
if($complexion=="")
{
echo("<script>alert('Complexion is Required')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
return;
}
$r = rand(10000, 1000000);
$result = mysql_query("INSERT INTO tbl_student_master(lastname,firstname,middlename,birthdate,nationality,weight,height,agent,mother,father,cellno,email,hair,complexion,vitalstat,address,civil,password)
values('$lastname','$firstname','$middlename','$birthdate','$nationality','$weight','$height','$agent','$mother','$father','$cell','$email','$hair',
'$complexion','$vital','$address','$civilstat','$r')") or die(mysql_error());
$res = mysql_query("INSERT INTO tbl_users(Username,Password,Role) values('$email','$r','Student')") or die(mysql_error());
$from = "dizonmrc@gmail.com";
$body = "Thank you for registering with us <br><br> Your password is: $r";
$to = $email;
$subject = 'Frontline Production: Registration Complete';
$headers = "From: " . strip_tags('dizonmrc@gmail.com') . "\r\n";
$headers .= "Reply-To: ". strip_tags('dizonmrc@gmail.com') . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
require_once("PHPMailer/class.phpmailer.php");
define('GUSER', 'dizonmrc@gmail.com'); // Gmail username
define('GPWD', 'leahcim16');
global $error;
$mail = new PHPMailer(); // create a new object
$mail->IsSMTP(); // enable SMTP
$mail->SMTPDebug = 1; // debugging: 1 = errors and messages, 2 = messages only
$mail->SMTPAuth = true; // authentication enabled
$mail->SMTPSecure = 'ssl'; // secure transfer enabled REQUIRED for Gmail
$mail->Host = 'smtp.gmail.com';
$mail->Port = 465;
$mail->Username = GUSER;
$mail->Password = GPWD;
$mail->SetFrom($from, "Frontline Production");
$mail->Subject = $subject;
$mail->Body = $body;
$mail->AddAddress($to);
$mail->IsHTML(true);
if(!$mail->Send()) {
$error = 'Mail error: '.$mail->ErrorInfo;
} else {
$error = 'Message sent!';
}
/*SMS*/
$_objSmsProtocolGsm = new Com("ActiveXperts.SmsProtocolGsm");
$objMessage = new Com ("ActiveXperts.SmsMessage");
$objConstants = new Com ("ActiveXperts.SmsConstants");
$objMessage->Recipient = $cell;
$objMessage->Format = $objConstants->asMESSAGEFORMAT_UNICODE;
$objMessage->Data = "Your password is: " . $r;
$_objSmsProtocolGsm->Device = "ZTE Proprietary USB Modem";
$_objSmsProtocolGsm->DeviceSpeed = 0;
if( $_objSmsProtocolGsm->LastError == 0 ){
$_objSmsProtocolGsm->Send( $objMessage );
}
echo("<script>alert('Registration Successful, Please check your email for your password')</script>");
echo" <script>window.location=\"../index.php\";</script> ";
?>
<?php
?>