Unknown column ''value'' in 'field list'

Question

I have a problem with phpmyadmin, like this:

and my code:

$query=mysql_query("INSERT INTO `pln`(`ppno`,`persno`,`pernum`,`psgrup`,`lv`,`pos`,`nppsimkp`,`persub`,`busrea`,`pdthr`,`gk`,`marstakey`,`bkey`,`bakun`,`numtd`,`email`,`bdate`) VALUES (`'$ppno'`,`'$persno'`,`'$pernum'`,`'$psgrup'`,`'$lv'`,`'$pos'`,`'$nppsimkp'`,`'$persub'`,`'$busrea'`,`'$pdthr'`,`'$gk'`,`'$marstakey'`,`'$bkey'`,`'$bakun'`,`'$numtd'`,`'$email'`,`'$bdate'`)") or die(mysql_error());

why that happen, I use backticks (`) because my input there is like "o'neil" and "jum'at". thanks before.

You should not use both `'` and `\`` like `\`'$someVar'\``. It doesn't make sense. Second thing is that you should escape values before you put them into the query. Then you don't have to worry about `'` signs in values. — Jakub Matczak, Feb 26 '14 at 09:14

score 2 · Answer 1 · edited May 23 '17 at 10:31

addslashes() might be a solution. This function will add slashes to escape your value (strings) which is causing the error, so for example if your string in $persno have quotes in the name you just need to escape it with the function

VALUES ('$ppno','".addlashes($persno)."','$pernum',

I would rather suggest to stop using mysql_* deprecated function and move on to either PDO or mysqli and use prepared statements which will handle situation like this one and also will protect you from mysql injections

SagarPPanchal · Answer 2 · 2014-02-26T09:31:12.570

Kindly replace your query with this, you had an error with that query

$query=mysql_query("INSERT INTO `pln`(`ppno`,`persno`,`pernum`,`psgrup`,`lv`,`pos`,`nppsimkp`,`persub`,`busrea`,`pdthr`,`gk`,`marstakey`,`bkey`,`bakun`,`numtd`,`email`,`bdate`) VALUES ('".$ppno."','".$persno."','".$pernum."','".$psgrup."','".$lv."','".$pos."','".$nppsimkp."','".$persub."','".$busrea."','".$pdthr."','".$gk."','".$marstakey."','".$bkey."','".$bakun."','".$numtd."','".$email."','".$bdate."'")") or die(mysql_error());

Unknown column ''value'' in 'field list'

2 Answers2