SQL Syntax error. I couldn't find what went wrong

Question

My demo.php code is as below. The error that I got was You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''FullName', 'Email', 'Postcode', 'DateofBirth', 'Gender') VALUES ('David Beckham', ' at line 1

  <?php
define('DB_NAME', 'testdb');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');

//logon
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if(!$link){
     die('Could not connect: '. msql_error());
} 

$db_selected = mysql_select_db(DB_NAME, $link);

    if(!$db_selected){
       die('Cant use' . DB_NAME . ':' . mysql_error());
    }

    $value = $_POST['FullName'];
    $value2 = $_POST['Email'];
    $value3 = $_POST['Postcode'];
    $value4 = $_POST['DateofBirth'];
    $value5 = $_POST['Gender'];


//insert into table.
$sql = "INSERT INTO demo ('FullName', 'Email', 'Postcode', 'DateofBirth', 'Gender') VALUES ('$value', '$value2', '$value3', '$value4', '$value5')";

if(mysql_query($sql)){
   echo "Thank you for signing up";
}else{
   die('Error:'. mysql_error());
}



mysql_close();

?>

Having query problems? *First*, try the query in the command-line client or phpMyAdmin to check for syntax errors. Also, you *will* have problems in the future with that code; to avoid these - 1) [*Don't* use `mysql_`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php/12860046#12860046) 2) [*Do* use parameterized queries](http://stackoverflow.com/a/60496/2864740). — user2864740, Mar 23 '14 at 10:15
possible duplicate of [When to use single quotes, double quotes, and backticks?](http://stackoverflow.com/questions/11321491/when-to-use-single-quotes-double-quotes-and-backticks) — Michael Berkowski, Mar 23 '14 at 12:51

score 4 · Answer 1 · answered Mar 23 '14 at 10:13

4

You need to wrapping the column names in backtricks (`)

$sql = "INSERT INTO demo (`FullName`, `Email`, `Postcode`, `DateofBirth`, `Gender`) VALUES('$value', '$value2', '$value3', '$value4', '$value5')";

answered Mar 23 '14 at 10:13

underscore

6,495
6
39
78

score 0 · Answer 2 · answered Mar 23 '14 at 10:21

The problem lies with the quotation marks you used for the column names. You should use the grave accent punctuation mark instead (usually left of the 1 key and found with the tilde)

INSERT INTO demo (`FullName`, `Email`, `Postcode`, `DateofBirth`, `Gender`) VALUES ('$value1', '$value2', '$value3', '$value4', '$value5');

SQL Syntax error. I couldn't find what went wrong

2 Answers2