I try to do a form which can insert data into database. After I insert a dummy data the is come out.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax
This error are make me in trouble. My database are not inserted any record
<?php $db = "assignment"; $table = "column"; $conn = mysqli_connect("localhost","root",""); mysqli_select_db($conn,$db); $Title = $_POST['title']; $Author = $_POST['author']; $Country = $_POST['country']; $Date = $_POST['date']; $Abstract = $_POST['abstract']; $Problem = $_POST['rproblem']; $Aim = $_POST['raim']; $Objectives = $_POST['robjective']; $Type = $_POST['rstudies']; if(isset($_POST['rmethod'])){ $method = implode(",",$_POST['rmethod']); }else{ $method = ""; } $sql = "INSERT INTO '$table' (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod) VALUES ('$Title','$Author,'$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')"; mysqli_query($conn,$sql); if (!mysqli_query($conn,$sql)){ die('Error: ' . mysqli_error($conn)); }else{ echo "Data Added"; } mysqli_close($conn); ?>Advertisement
Answer
You’ve set your $table variable inside single quotes while using a reserved word, column for your table name $table = "column";
Use backticks around it, like so:
INSERT INTO `$table`either do that or give your table another name.
You also have a quote missing here '$Author, so do '$Author',
Also, you can remove mysqli_query($conn,$sql); since you’re already using
if (!mysqli_query($conn,$sql))
Footnotes:
Your present code is open to SQL injection. I strongly suggest that you use prepared statements, or PDO with prepared statements.