I try to do a form which can insert data into database. After I insert a dummy data the is come out.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax
This error are make me in trouble. My database are not inserted any record
<?php
$db = "assignment";
$table = "column";
$conn = mysqli_connect("localhost","root","");
mysqli_select_db($conn,$db);
$Title = $_POST['title'];
$Author = $_POST['author'];
$Country = $_POST['country'];
$Date = $_POST['date'];
$Abstract = $_POST['abstract'];
$Problem = $_POST['rproblem'];
$Aim = $_POST['raim'];
$Objectives = $_POST['robjective'];
$Type = $_POST['rstudies'];
if(isset($_POST['rmethod'])){
$method = implode(",",$_POST['rmethod']);
}else{
$method = "";
}
$sql = "INSERT INTO '$table' (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
VALUES ('$Title','$Author,'$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";
mysqli_query($conn,$sql);
if (!mysqli_query($conn,$sql)){
die('Error: ' . mysqli_error($conn));
}else{
echo "Data Added";
}
mysqli_close($conn);
?>
You've set your $table variable inside single quotes while using a reserved word, column for your table name $table = "column";
Use backticks around it, like so:
INSERT INTO `$table`
either do that or give your table another name.
You also have a quote missing here '$Author, so do '$Author',
Also, you can remove mysqli_query($conn,$sql); since you're already usingif (!mysqli_query($conn,$sql))
Footnotes:
Your present code is open to SQL injection. I strongly suggest that you use prepared statements, or PDO with prepared statements.
Try this
$sql = "INSERT INTO $table (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
VALUES ('$Title','$Author','$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";
The table name or column name must enclose them in back-ticks (`) and not in single quotes or double quotes. Otherwise don't wrap them.Simply try like above.And if you are using reserved keywords as table name or column name then you must enclose them in back-ticks.And its better not to use any reserve keyword.So if you can change the name then it will be the best choice.You are using two reserve keywords in your query. Your table name and date column. Both are keywords
You can check my answer here for more
Follow other answer you also missing ' on $author
$sql = "INSERT INTO `$table` (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
VALUES ('$Title','$Author','$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";
Also better use to replace
mysqli_query($conn,$sql);
if (!mysqli_query($conn,$sql)){
to
$result = mysqli_query($conn,$sql);
if (!$result){
else your query will execute two time.