-1
$sSql = "INSERT INTO comments
     ( post_id,name, email, website,content)
     VALUES (".$_POST[postid]",'".$_POST[name]"', '".$_POST[email]"', '"$_POST[website]"',  '"$_POST[content]"')";

I am getting the following error. Can anyone help to fix this? Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in your code

user1479431
    **warning** Your code is extremely vulnerable to SQL injection attacks. Consider using a prepared statement, which would solve your problems. – Daniel A. White Jul 09 '12 at 00:00

6 Answers

2

Your strings aren't concatenated properly, you are missing some . before and after some $_POST[]

Musa
0

Error was in string concatenation missing . and array missing quotes

$sSql = "INSERT INTO comments
 ( post_id,name, email, website,content)
 VALUES (".$_POST['postid'].",'".$_POST['name']."', '".$_POST['email']."', '".$_POST['website']."',  '".$_POST['content']."')";

Use mysql_escape_string to avoid sql injection and best way to avoid sql injection.

Community
The Alpha
0

You need to wrap with two periods. .$_POST[postid].

Also, make sure you are escaping your $_POST parameters, as they may be subject to SQL injection.

Steven Lu
0

$_POST should be used as an associative array. So the keys should be in quotes: $_POST['key']

Razvan
0

It's because you forgot some dots - unexpected strings are starting in your query.

$sSql = "INSERT INTO comments
     ( post_id,name, email, website,content)
     VALUES (".$_POST['postid'].",'".$_POST['name']."', '".$_POST['email']."', '".$_POST['website']."',  '".$_POST['content']."')";

Please escape user inputs before putting them into the database. And take care of the array keys: it works without setting them into '' because PHP takes them as constants, can't find a defined constant of this name, and assumes that this has to be a string. Unnecessary.

32bitfloat
0

Please use this. You forgot quotes and dots.

$sSql = "INSERT INTO comments ( post_id,name, email, website,content) VALUES (".$_POST['postid'].",'".$_POST['name']."', '".$_POST['email']."', '".$_POST['website']."',  '".$_POST['content']."')";
Bharat Chodvadiya
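
The prepared-statement approach recommended in the comment on the question, shown for the same `comments` INSERT. This is an added example, not code from any post on this page; it assumes PDO with an in-memory SQLite database so it runs offline, and `open_db`, `insert_comment` and the sample input are hypothetical.

```php
<?php
declare(strict_types=1);
// Assumption: SQLite in memory so the script runs offline; for MySQL only the DSN changes.
function open_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, post_id INTEGER NOT NULL,
        name TEXT, email TEXT, website TEXT, content TEXT)');
    return $pdo;
}

// Hypothetical helper: validates the input, then inserts with bound parameters.
// Binding handles quoting; type and format checks are still done here.
function insert_comment(PDO $pdo, array $post): int
{
    $postId = filter_var($post['postid'] ?? null, FILTER_VALIDATE_INT);
    if ($postId === false || $postId < 1) {
        throw new InvalidArgumentException('postid must be a positive integer');
    }
    if (filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('email is not valid');
    }
    // The SQL text is a constant; user data never becomes part of it.
    $stmt = $pdo->prepare(
        'INSERT INTO comments (post_id, name, email, website, content)
         VALUES (:post_id, :name, :email, :website, :content)'
    );
    $stmt->bindValue(':post_id', $postId, PDO::PARAM_INT);
    foreach (['name', 'email', 'website', 'content'] as $field) {
        $stmt->bindValue(":$field", (string) ($post[$field] ?? ''), PDO::PARAM_STR);
    }
    $stmt->execute();
    return (int) $pdo->lastInsertId();
}

// Constructed sample input standing in for $_POST; its quotes would break the concatenated query.
$post = [
    'postid'  => '42',
    'name'    => "O'Brien",
    'email'   => 'obrien@example.com',
    'website' => 'https://example.com',
    'content' => "It's a great post'); -- stored as plain text",
];
$pdo = open_db();
$id = insert_comment($pdo, $post);
$check = $pdo->prepare('SELECT name, content FROM comments WHERE id = ?');
$check->execute([$id]);
$row = $check->fetch(PDO::FETCH_ASSOC);
var_dump($row['name'] === $post['name'], $row['content'] === $post['content']);
```

With the MySQL driver, set `PDO::ATTR_EMULATE_PREPARES` to `false` so the statement is prepared on the server rather than emulated by PDO.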