I have a PHP file that recieves an associative array of name, email and password.
When I try to insert the data using PHP MySQL query in this PHP file, it flashes following error
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com, qweqwe)' at line 1"
My PHP code is as follows:
$data = array
(
'name' => $name,
'email' => $email,
'password' => $password,
);
mysql_query("INSERT INTO `other_doktrs` (`dnme` ,`emyl` ,`paswrd`) VALUES ($name, $email, $password)");
I tried to change the order of column names but it was of no help.
thanks in advance
You still need to put quotes around strings if you want to use the old direct (and SQL Injection prone) methods:
mysql_query("INSERT INTO `other_doktrs` (`dnme` ,`emyl` ,`paswrd`) VALUES ('$name', '$email', '$password')");
You really should look at PDO though and prepared statements. Much much safer - and as a bonus when you pass params, you don't need the quotes. Irony huh? :)
Try this :
mysql_query("INSERT INTO `other_doktrs` (`dnme` ,`emyl` ,`paswrd`) VALUES ('$name', '$email', '$password')");
Try this,
mysql_query("INSERT INTO `other_doktrs` (`dnme` ,`emyl` ,`paswrd`) VALUES ("'.$name.'"," '.$email.'", "'.$password.'")");
passing query with quotes.
Hope this helps you.