Query error - SQL Syntax

[Devana]

I'm working on a new website and was about to add some items via my admin panel, and I got this error:

QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ',0, '1', 'a:4:{s:4:\"stat\";s:6:\"energy\";s:3:\"dir\";s:3: \"pos\";s:8:\"inc_typ' at line 1
Query was INSERT INTO items VALUES('',1,'gkh','1451',,,0, '1', 'a:4:{s:4:\"stat\";s:6:\"energy\";s:3:\"dir\";s:3: \"pos\";s:8:\"inc_type\";s:7:\"percent\";s:10:\"in c_amount\";i:50;}', '0', 'a:4:{s:4:\"stat\";s:6:\"energy\";s:3:\"dir\";s:3: \"pos\";s:8:\"inc_type\";s:6:\"figure\";s:10:\"inc _amount\";i:0;}', '0', 'a:4:{s:4:\"stat\";s:6:\"energy\";s:3:\"dir\";s:3: \"pos\";s:8:\"inc_type\";s:6:\"figure\";s:10:\"inc _amount\";i:0;}', 0, 0)

The error should be here, somewhere:

Code:

$itmname=$_POST['itmname'];$itmdesc=$_POST['itmdesc'];$weapon=abs((int) $_POST['weapon']);$armor=abs((int) $_POST['armor']);if($_POST['itmbuyable'] == 'on') { $itmbuy=1; } else { $itmbuy=0; }$db->query("DELETE FROM items WHERE itmid={$_POST['itmid']}",$c);$efx1=$db->escape(serialize(array("stat" => $_POST['effect1stat'], "dir" => $_POST['effect1dir'], "inc_type" => $_POST['effect1type'], "inc_amount" => abs((int) $_POST['effect1amount']))));$efx2=$db->escape(serialize(array("stat" => $_POST['effect2stat'], "dir" => $_POST['effect2dir'], "inc_type" => $_POST['effect2type'], "inc_amount" => abs((int) $_POST['effect2amount']))));$efx3=$db->escape(serialize(array("stat" => $_POST['effect3stat'], "dir" => $_POST['effect3dir'], "inc_type" => $_POST['effect3type'], "inc_amount" => abs((int) $_POST['effect3amount']))));$m=$db->query("INSERT INTO items VALUES('{$_POST['itmid']}',{$_POST['itmtype']},'$itmname','$itmdesc',{$_POST['itmbuyprice']},{$_POST['itmsellprice']},$itmbuy, '{$_POST['effect1on']}', '$efx1', '{$_POST['effect2on']}', '$efx2', '{$_POST['effect3on']}', '$efx3', $weapon, $armor)");print "The {$_POST['itmname']} Item was edited successfully.";stafflog_add("Edited item {$_POST['itmname']}");} 


Could anyone please help me locate the problem?

[LiLMsNinja]

There's some values not getting passed into the query...

Query was INSERT INTO items VALUES('',1,'gkh','1451',,,0, '1', 'a:4:{s:4


You need to pass something between these commas.

[Devana]

There's some values not getting passed into the query...

Query was INSERT INTO items VALUES('',1,'gkh','1451',,,0, '1', 'a:4:{s:4


You need to pass something between these commas.

Maybe a stupid question, but how do I do that?

[LiLMsNinja]

The thing is i don't know PHP... so you'll have to find the spot where you are trying to pass a value into those locations of the query and fix it. Either by adding exception handling where if no value is needed then remove the comma. Or, by populating NULL between the commas.

[Devana]

Thanks for the tips. I'll test a little and see what happens. If anyone else has some ideas or something more concrete, please let me know. Thanks :-)

[LiLMsNinja]

You're going to have to post moar code if you want something more concrete. Try the PHP forums.

[Devana]

Problem fixed. Thanks for the help