I have a database with 4 columns Date,to,message,from one of date format and all varchar. Following is the error that i am getting:
Error: Database Error Unknown column 'anything i enter into the form's first field' in 'field list'. Here is my code:
form:
<form method='post' name:mail>
<label>
<p>
Send to Username:<p>
</label>
<input type="text" name="user" hint="Enter username" id="user" placeholder = "Name" >
</label><p>
Message:
<p>
<label>
<textarea name="message" cols="40" rows="5">
</textarea><br>
<input type="submit" name="submit" id="submit" value="Send" />
I know i should not have used $POST_[] directly into the query but i am just testing it.
php code:
<?php
$con = mysqli_connect("localhost","","","");
if (!$con)
{
echo" Not connected to database";
die('Could not connect: ' . mysqli_error());
}
if(isset($_POST['submit']))
{
$username1=$_SESSION["username"];
$sql = "INSERT INTO anengine_dbase.mail(`Date`,`to`,`message`,`from`) VALUES (CURDATE(),`$_POST[user]`, `$_POST[message]`,`$username1`)";
$xy=mysqli_query($con,$sql);
if (!$xy)
{
die('Database Error ' . mysqli_error($con));
}
echo "message successfully recorded ";
}
?>
This is your SQL statement:
INSERT INTO anengine_dbase.mail(`Date`,`to`,`message`,`from`)
VALUES (CURDATE(),`$_POST[user]`, `$_POST[message]`,`$username1`);
Unless the values are all numbers, you will have a problem. In other words, you need single quotes rather than backticks for the values:
INSERT INTO anengine_dbase.mail(`Date`, `to`, `message`, `from`)
VALUES (CURDATE(), '$_POST[user]', '$_POST[message]', '$username1');
By the way, as a general rule, it is a good idea to avoid using reserved words (such as to and from) as the names of objects in the database.
The message is clear, you're using backticks for your VALUES where you should be using quotes.
Try
VALUES (CURDATE(),'$_POST[user]', '$_POST[message]','$username1')
Backticks are for tables and columns, not for VALUES.