i wrote a little comment system and made a db just for storing comment info. everything works except if i try to store the url from which the comment is made, which is the most important part! i get a syntax error and i haven't been able to figure out what i'm doing wrong.


//captcha code, if they fail blah blah, below is what happens if they pass the recaptcha.
} else {
$name = $_POST['name'];
$comment = $_POST['comment'];
$this_guy = $_SERVER['REMOTE_ADDR'];
$this_time = date("y/m/d : H:i:s", time());
$from = $_SERVER["REQUEST_URI"];
require_once("../functions/connection_comments.php");

$query="INSERT INTO data (From, Name, Comment, IP, TIME)
VALUES('$from','$name','$comment', '$this_guy','$this_time')";
if (!mysql_query($query,$connection))
{
die('<br />Error: ' . mysql_error());
}


my column names all match up to the insert string above, and everything is stored correctly if i tell it not to insert to 'From'. but storing the page of the comment is crucial!

i had the From column as a VARCHAR, but switched it to TEXT and get the same error. the error i'm getting with the above code is:



Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'From, Name, Comment, IP, TIME) VALUES('/r/0','tester','hey im a te' at line 1

creating a thread must be some magical thing. i just changed the name of the column to ComentUrl instead of From and now it works. i guess From is one of those words you're not supposed to use when naming columns.

"From" is a reserved word. The list and usage can be found here (http://dev.mysql.com/doc/refman/5.1/en/reserved-words.html).

You can still use reserved words as column names if you want, but you need to always use back-tics with them for example:


INSERT INTO aa (ID,`From`) VALUES ('1','summary')
or

create table aa
(ID int not null auto_increment,
`From` text,
date datetime,
primary key(ID))

Two things to add:
1. It's best not to use reserved words because of exactly this-- it's confusing, so why make it harder for yourself? If you're not always perfect and careful in the coding, you'll run into problems once in a while.
2. On the other hand, I advise always using backticks around the names-- that's just good coding. It's not always needed, but it also avoids problems like this and any kind of ambiguity. I always do it, even though it's a little more typing, but I also think it makes the queries easier to read.

noted, so i should have the query read:


$query="INSERT INTO data (`CommentUrl`, `Name`, `Comment`, `IP`, `TIME`)
VALUES('$comment_place','$name','$comment', '$this_guy','$this_time')";


i've run into a different issue though. i made the CommentUrl column so that comments will stay with the appropriate pages. but when i added the specifics of checking for the correct value in the CommentUrl column, no comments are returned.


require_once("../functions/connection_comments.php");
if($connection){
$place = $_SERVER["REQUEST_URI"];
$query2 = "SELECT * FROM data";
$result2 = mysql_query($query2);
while ($row = mysql_fetch_array($result2)){
echo "<div class=\"comment-box\">";
echo $row['Name'] . "<br />" . $row['Comment'];
echo "</div>";
mysql_close($connection);
}
} else {
echo "<br />There aren't any comments yet!";
}
?>

this returns all the comments for every page on every page.
as soon as i change the query2 to:


$query2 = "SELECT * FROM data WHERE `CommentUrl` = $place";

no comments show up on the page at all, or on any page. but when i echo $place it's correct. what is wrong?

$query2 = "SELECT * FROM data WHERE `CommentUrl` = $place";


I don't know that this is your specific trouble, but remember that you need to 'quote' literal values in SQL.


$query2 = "SELECT * FROM data WHERE `CommentUrl` = '$place'";

the only time you wouldn't need to do this would be if $place were a number (however, quoting a numeric value -like '42' instead of 42, for example- doesn't hurt anything. it's arguably better, in fact, since it prevents possible errors and allows MySQL to do its own type conversion).

hrm i see. that's handy knowledge thank you traq. though even with these single quotes around the variable i have the same behavior, nothing coming back. when i peek in the db everything is set correctly. i can't see anything else being the problem :/ graaaah.

EDIT: alright working now. somewhere along the line i changed CommentUrl to CurrentUrl and didn't notice until your post traq lol. HOORAY!