i have a php code that insert session value into database,but i get this error when trying to insert Error: INSERT INTO tbale name (amount,bankname) VALUES ( 20000.00,gtbank) Unknown column 'gtbank' in 'field list'.the session has the value GTBANK below is my code that insert session value to database
<?php
session_start(); {
//Include database connection details
include('../../dbconnect.php');
if($_SESSION["bn"]) {
}
$amount = strip_tags($_POST['cat']);
$field1amount = $_POST['cat'];
$field2amount = $field1amount + ($field1amount*0.5);
$sql = "INSERT INTO provide_help (amount,bankname) VALUES ( $field1amount,".$_SESSION['bn'].")";
if (mysqli_query($conn, $sql))
$sql = "INSERT INTO gh (ph_id, amount) VALUES (LAST_INSERT_ID(), $field2amount)";
if (mysqli_query($conn, $sql))
{
$_SESSION['ph'] ="<center><div class='alert alert-success' role='alert'>Request Accepted.</div></center>";
header("location: PH.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
anyone who can help please?.thanks
bankname field is type of varchar I think. So you need to pass string with quotes ''. See below your code should be like this.
$sql = "INSERT INTO provide_help (amount,bankname)
VALUES ( $field1amount,'".$_SESSION['bn']."')";
When inserting string (bankName) in data base it should be covered with quote.
Use this:
$sql = "INSERT INTO provide_help (amount,bankname) VALUES ( $field1amount,'".$_SESSION['bn']."')";
// ^ ^ --- Single quote added
I will suggest you to use bind_params like following:
$stmt = $conn->prepare("INSERT INTO provide_help (amount,bankname) VALUES (?, ?)");
$stmt->bind_param("ds", $field1amount, $_SESSION['bn']);
if ($stmt->execute()){
// handle success
} else {
// handle error
}
The argument may be one of four types while binding:
i - integer
d - double
s - string
b - BLOB