Ok, my insert query is not working on my server. Here is the code I'm running:
<?php
$name = $_GET['name'];
$database_servidor = "localhost";
$database_usuario = "username";
$database_pass = "pass";
$database_nombre = "table";
$conexion = mysql_connect($database_servidor, $database_usuario, $database_pass);
mysql_select_db($database_nombre, $conexion);
$query = "INSERT INTO `nombre`(`card`) VALUES (`$name`)";
echo $query;
$sql = mysql_query($query) or die (mysql_error());
?>
Here's the result:
http://santirivera92.co.cc/insert.php?name=Santiago%20Rivera
What am I doing wrong?
You are using backticks instead of quotes around the $name data. Here's how I would do it (with escaping added to prevent SQL injections):
$query = sprintf('INSERT INTO `nombre`(`card`) VALUES ("%s")',
mysql_real_escape_string($name));
$query = 'INSERT INTO `nombre`(`card`) VALUES ("' . $name . '")';
You need double-quotes around the string value in the query.
Also don't ignore the comment of Emil Vikström about mysql_real_escape_string or prepared statements (search for mysqli). Because in my example here, if the name contains a double-quote, it will break the query, so double-quotes in the string must be escaped!
You are actually printing the query rather than printing the resulting rows from your database. You need to use mysql_result() in order to get the data.