SQL error

hi guys,

i encounter a problem when inserting a new row by using PHP

the error:
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

my code:
<?
session_start();
include_once "include/db.php";
$result = mysql_query("INSERT INTO `items` ( `itemId` , `image` , `itemName` , `itemDesc` , `itemPrice` , `username` , `cat_status` , `update` ) VALUES ( '0', '$image', '$itemName', '$itemDesc', 'itemPrice', '".$_SESSION['username']."', '',''") or die(mysql_error());

For your information, itemId is an auto increment field and update is timestamp. I also try to insert the session value i registered in previous page into the username field in the db. I am wondering why i got such error even i copied the sql query exactly from phpmyadmin.

please advise.

First, you don't need itemId in your field list. It is an autoincrement field, so it will update either way.

Same deal for update... it will automatically get the current timestamp.

Take them out of your field list and your value statement.

Now, try it again. If it still doesn't work try putting the sql statement into a variable and output to the screen. That will allow us to debug the sql that is output.

Did you check to see if you have any funky characters in the values of any of your variables ?
(i.e. in $image, $itemName, ...)

Depending on your server setting(MAGIC QUOTE setting), you might have to call addslashes to your variables, in case there are single quotes in the value of your variable, which will screw up your query.

If your $itemName = 'Brier's Ice Cream'

try calling: $itemName = addslashes($itemName)

result:
$itemName = 'Brier\'s Ice Cream'

Good call bubblocity