Adding data to MySQL won't work

Question

Can't figure out what I'm doing wrong here:

<?php
include "dbopen.php";
$fnamn = $_POST["fnamn"];
$enamn = $_POST["enamn"];
$email = $_POST["email"];

mysqli_query($dbconnect,"INSERT INTO personer (Fornamn, Efternamn, Email) VALUES ($fnamn, $enamn, $email)");

?>

The include tag works fine, since I can create data in phpmyadmin and get it to write out the data, but adding won't work. Ain't getting any errormessages either...

Thanks in advance!

Answer 1

Put quotes around these string values like

VALUES ('$fnamn', '$enamn', '$email')

And at the very minimum, run your POST values through mysqli_real_escape_string

Answer 2

<?php
include "dbopen.php";

$fnamn = mysqli_real_escape_string($dbconnect, $_POST["fnamn"]);
$enamn = mysqli_real_escape_string($dbconnect, $_POST["enamn"]);
$email = mysqli_real_escape_string($dbconnect, $_POST["email"]);

$sql = "INSERT INTO `personer` (`Fornamn`, `Efternamn`, `Email`) VALUES ('".$fnamn."', '".$enamn."', '".$email."');";

if (mysqli_query($dbconnect, $sql) === true) {
    printf('Success');
} else {
    print_f(mysqli_error($dbconnect));
}

?>