This question already has an answer here:
Im trying to insert data into my database, it works when i dont use the $_POST['wagee'], but I cant get it to work pulling data from my form. Any help is greatly appreciated. Thank you!
here is the error I get:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near ' '2')'
at line 2
This is my code:
<?php
$message = "";
if(isset($_POST['addhoursbutton']))
{
addwage();
}
function addwage() {
include 'components/sql/config.php';
$sqlupdateincome = "INSERT INTO income (username, projectname, hourlywage, totalhours)
VALUES ('John', 'Ochrom Test', ". $_POST['wagee'] .", '2')";
if ($conn->query($sqlupdateincome) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
?>
</div>
I think you missed the quotes around the value.
It should be '". $_POST['wagee'] ."'
$sqlupdateincome = "INSERT INTO income (username, projectname, hourlywage, totalhours)
VALUES ('John', 'Ochrom Test', '". $_POST['wagee'] ."', '2')";
It's not recommended to use user inputs directly in your queries though. I hope this is only for learning purposes.