nicht angemeldet
Hallo,
ich habe ein Script um Daten in die DB zu schicken. Hmm aber nun bekomme ich nur folgende Meldung:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'alter, geschlecht, stadt, mail, nummer, ' at line 5
Hmm was mache ich da nur falsch? Hier mal das ganze Script:
<?php
require_once 'config/cfg.inc.php';
if(!empty($_POST))
{
$Pfade_in_DB = array();
foreach ($_FILES as $Artikelbild => $File)
{
if ($File['error'] == 0)
{
$TempName = pathinfo($File['tmp_name']);
$RealName = pathinfo($File['name']);
$FileName = $TempName['basename'].'.'.$RealName['extension'];
$Pfade_in_DB[$Artikelbild] = '/img/passbilder/'.$FileName;
move_uploaded_file(
$File['tmp_name'],
$_SERVER['DOCUMENT_ROOT'] . '/' .$Pfade_in_DB[$Artikelbild]
);
chmod($_SERVER['DOCUMENT_ROOT'] . '/' .$Pfade_in_DB[$Artikelbild] , 0777);
}
}
$sql = "INSERT INTO reg_user
(
name,
vorname,
geb,
geschlecht,
stadt,
mail,
nummer,
passbild,
t-shirt,
username,
passwort,
passwort_wdh,
ip,
datum
)
VALUES
(
'" . mysql_real_escape_string($_POST["name"]) . "',
'" . mysql_real_escape_string($_POST["vorname"]) . "',
'" . mysql_real_escape_string($_POST["geb"]) . "',
'" . mysql_real_escape_string($_POST["geschlecht"]) . "',
'" . mysql_real_escape_string($_POST["stadt"]) . "',
'" . mysql_real_escape_string($_POST["mail"]) . "',
'" . mysql_real_escape_string($_POST["nummer"]) . "',
'" . $Pfade_in_DB['passbild'] . "',
'" . mysql_real_escape_string($_POST["t-shirt"]) . "',
'" . mysql_real_escape_string($_POST["username"]) . "',
'" . mysql_real_escape_string($_POST["passwort"]) . "',
'" . mysql_real_escape_string($_POST["passwort_wdh"]) . "',
'" . ip2long($_SERVER["REMOTE_ADDR"]). "',
NOW()
)
";
mysql_query($sql) OR die(mysql_error());
header("Location: reg_danke.php");
exit;
}
?>