Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Database Insert Breaking
Database Insert Breaking
  • El Forum
    Guest
  •  
#1
07-03-2009, 07:37 PM

[eluser]MydKnight[/eluser]
This is my first time trying it and it should be pretty easy, but I seem to have something wrong. Here is my function:

function createUser(){
$data = array(
'username' => $_POST['username'],
'user_password' => $_POST['user_password'],
'user_email' => $_POST['user_email'],
'user_birthday' => $_POST['user_birthday'],
'user_timezone' => $_POST['user_timezone'],
'user_dst' => $_POST['user_dst'],
'user_icq' => $_POST['user_icq'],
'user_aim' => $_POST['user_aim'],
'user_yim' => $_POST['user_yim'],
'user_msnm' => $_POST['user_msnm'],
'user_jabber' => $_POST['user_jabber'],
'user_website' => $_POST['user_website'],
'user_interests' => $_POST['user_interests'],
'user_fname' => $_POST['user_fname'],
'user_lname' => $_POST['user_lname'],
'user_city' => $_POST['user_city'],
'user_state' => $_POST['user_state'],
'user_country' => $_POST['user_country'],
'user_visible' => $_POST['user_visible'],
'user_age' => $_POST['user_age'],
'user_weight' => $_POST['user_weight'],
'user_role' => $_POST['user_role'],
'user_ethnicity' => $_POST['user_ethnicity'],
'user_seeks' => $_POST['user_seeks'],
'user_address' => $_POST['user_address'],
'user_status' => $_POST['user_status'],
'user_contype' => $_POST['user_contype'],
)
$this->db->insert('phpbb_users',$data);
}

My error is:

Parse error: syntax error, unexpected T_VARIABLE in /home/abadmin1/public_html/rework/system/application/models/m_user.php on line 78

The error, unsurprisingly, is in the insert command. Anyone know what I am missing?
  • El Forum
    Guest
  •  
#2
07-03-2009, 08:11 PM

[eluser]John_Betong[/eluser]
 
Your insert statement is missing another statement or expecting another because of the trailing comma.

Code:
...
   ...
   ...
   ‘user_contype’ => $_POST[‘user_contype’],
   )
     $this->db->insert(‘phpbb_users’,$data);
}
 
 
  • El Forum
    Guest
  •  
#3
07-04-2009, 03:18 AM

[eluser]bigtony[/eluser]
Also, from a security point of view, you should avoid using data straight from $_POST into any database operation (including selects - not just insert/update/delete). (Do a search for Cross Site Scripting on Google and see what horrors could await you!).

Instead, use the CI function
Code:
$this->input->post('posted_field_name', TRUE);
The second parameter (TRUE) will clean the input data, although you can leave this off if you set config to autoclean all input fields. See the Input class in the User Guide for more details. http://ellislab.com/codeigniter/user-gui...input.html




Theme © iAndrew 2016 - Forum software by © MyBB