I have written a php script on my web server to insert values into the table table3. The variables used to get values are username and image. username contains varchar type data and image contains text type data in it. I need to insert it into my table table3 . The table3 is having two columns username and imagename which is of varchar type and text type respectively.
When I try to run the above script by entering values, an error shows as given below:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1.
I don't understand what the error is and I'm stuck here with knowing the error. Can someone please clear the errors for me. I'm a newbie in php and doesnot know much about php. So a little help from anyone is needed... Please help me out. My php script is shown below:
<?php
$con=mysqli_connect("localhost","username","password","db_name");
if (mysqli_connect_errno($con))
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$username = $_POST['username'];
$image = $_POST['image'];
$result = mysqli_query($con,"INSERT INTO table3 (username,imagename) VALUES ('$username','$image')");
if (!mysqli_query($con,$result))
{
die('Error: ' . mysqli_error($con));
}
else
echo "1 record added";
mysqli_close($con);
?>
1) **You have an error in your SQL syntax; ** means that You have error in your query. It seems that your query is okay but that error may come from your post data. you need to mysqli_real_escape_string for post data.
2) you have executed twice the query.
try like this :
$username = mysqli_real_escape_string($con, $_POST['username']);
$image = mysqli_real_escape_string($con,$_POST['image']);
$result = mysqli_query($con,"INSERT INTO table3 (username,imagename) VALUES ('$username','$image')");
if (!$result)
{
die('Error: ' . mysqli_error($con));
}
else
echo "1 record added";
mysqli_close($con);
You should have written something like
$result = mysqli_query($con,"INSERT INTO table3 (username,imagename) VALUES ('$username','$image')");
if (!$result)
{
die('Error: ' . mysqli_error($con));
}
the condition should be something like
if (!$result)
{
die('Error: ' . mysqli_error());
}
Your SQL request (INSERT) is sent at the 9th line and the result is caught in $result. $result contains the number of lines affected by the previous request (1).
Then you call the mysqli_query method again with the value of $result as a SQL request : "1" is not a valid SQL request.