PHP / MYSQL - 混淆与通过php添加到mysql表相关的代码块

Would someone be able to enlighten me as to why when the following code block is run in my script, the error is triggered, but when the sql query is attempted directly via php myadmin, there are no problems.

There is a mysql connection running in the script.

// Generate a random key and add details to specials table
$email = $_POST['specials'];
$randomKey = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',12)),12);
$sql = "
    INSERT INTO specials SET
    id='',
    email='$email',
    verified='0',
    `key`='$randomKey',
    timestamp=NOW()
";
if (!mysqli_query($link, $sql))
{
    $error = 'Error adding email address to specials table.';
    include "$docRoot/html/main/error.html.php";
    exit();
}

I am quite sure that I have coded this correctly and before i go through a trail and error testing session, i thought thatone could have a brief look over this and tell me if they spot any obvious errors that may have eluded me.

Thanks for taking the time to read through this!

EDIT:

With the following code :

if (!mysqli_query($link, $sql12))
{
    echo mysqli_error();
    $error = 'Error adding email address to specials table.';
    include "$docRoot/html/main/error.html.php";
    exit();
}

I get the following output:

Warning: mysqli_error() expects exactly 1 parameter, 0 given in /serveraddress/includes/inc/assistors/controllers.inc.php on line 161

Try this to see what exactly its returning

$result = mysqli_query($link, $sql);
var_dump($result);

Can you please check if any of the fields are numeric by any chance? You are sending character data in each and as such that may be the reason for the SQL failing.

Since you mentioned that ID is an INT then please use the modified code below:

// Generate a random key and add details to specials table
$email = $_POST['specials'];
$randomKey = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',12)),12);
$sql = "
    INSERT INTO specials SET
    id=0,
    email='$email',
    verified=0,
    `key`='$randomKey',
    timestamp=NOW()
";
if (!mysqli_query($link, $sql))
{
    $error = 'Error adding email address to specials table.';
    include "$docRoot/html/main/error.html.php";
    exit();
}

'' means a blank string and MySQL cannot successfully convert a blank string to a number of type INT from it and hence it was failing your SQL INSERT command. As such, you need to send either 0 or if your ID column allows NULL then you can also send NULL. But sending '' will generate an error.

A point to note here is that the '0' sent by you to verified does not trigger the error as '0' successfully converts to 0 and hence MySQL does not have an issue with that.

The error was being generated as you were trying to save '' i.e. a blank string to the ID column.