How to insert the string data from PHP into MySql table

Question

How to insert these string data from PHP into MySQL table, I can get the code running but it not inserting into database.

The php code:

<?php

//mysql connection
$connect_error = 'Sorry, the database server is down. Please try again later.';
mysql_connect('xxxxxxxxx.com', 'xxxxxxx', 'xxxxxxxxx') or die($connect_error);
mysql_select_db('checkbox_test') or die($connect_error);

if (isset($_POST['submit'])) {
    if (isset($_POST['subject'])) {
        $strsubject = implode(",", ($_POST['subject']));
    } else {
        $strsubject = "";
    }

    echo $strsubject;
}

mysql_query("INSERT INTO levels (level_1, level_2, level_3, level_4, level_5, level_6) VALUES ($strsubject");
?>

The html:

<form action="" method="post" name="form_subject" id="form_subject">

    <input type="checkbox" name="subject[]" value="level_1"><label>Level 1</label><p>    
    <input type="checkbox" name="subject[]" value="level_2"></label>Level 2</label><p>  
    <input type="checkbox" name="subject[]" value="level_3"></label>Level 3</label><p>   
    <input type="checkbox" name="subject[]" value="level_4"><label>Level 4</label><p>    
    <input type="checkbox" name="subject[]" value="level_5"></label>Level 5</label><p>       
    <input type="checkbox" name="subject[]" value="level_6"></label>Level 6</label><p>

    <input type="submit" action= "" name="submit"  value="Submit" />

</form>

The database table has 7 columns, 1 for id (set to A_I) and the rest named for each level. I'm new to web developing, thanks guys

Answer 1

You're missing a closing parenthesis in your INSERT statement, right after $strsubject and before the ":

mysql_query("INSERT INTO levels (level_1, level_2, level_3, level_4, level_5, level_6) 
                    VALUES ($strsubject")

This may not be the only problem.

Answer 2

1. In PHP, like in JS, C++ and Java, one does not simply put a variable into another. Use the right concat character .:

.

$what      = "lazr!";
$variable1 = "firin " . $what;

$sql = "....SET column1='" . $data1 . "')";

.

1. Don't use mysql_* functions.

2. Use prepared statements within PDO: http://php.net/manual/de/pdo.prepare.php

.

<?php
/* Execute a prepared statement by passing an array of values */
$sth = $dbh->prepare('SELECT name, colour, calories
    FROM fruit
    WHERE calories < ? AND colour = ?');
$sth->execute(array(150, 'red'));
$red = $sth->fetchAll();
$sth->execute(array(175, 'yellow'));
$yellow = $sth->fetchAll();

1. $strsubject = implode(",", ($_POST['subject'])); should be:

.

$strsubject = "'" . implode("', '", ($_POST['subject'])) . "'";