1

I'm making a php quiz and in the beginning I ask someone's name. This is stored in a session. I put the score they get in the variable $score. At the end, I need to put the name(in the session) and the score they got in a database for the highscore list. But it just won't work.

Here's my code:

$sql = mysqli_query($db, "INSERT into WP12_highscore(name, score) 
       VALUES (" . $_SESSION['name'] . ", $score)");

I can't find much about it, but this seems fine to me. It does work when I just put some name and number in, and the $score one works as well(have been experimenting with it so it might be wrong now), but I just can't get the session variable to store in the database..

user3700040
  • 23
  • 3
  • 2
    You have a quoting problem, the string `$_SESSION['name']` must be enclosed in single quotes in the SQL query. See [When to use single quotes, double quotes and backticks](http://stackoverflow.com/questions/11321491/when-to-use-single-quotes-double-quotes-and-backticks) Something like `mysqli_query($db, "INSERT into WP12_highscore(name, score) VALUES ('" . $_SESSION['name'] . "', $score)");` noting the addition of the `'` single quotes around the concatenation... – Michael Berkowski Jun 10 '14 at 16:13
  • Now is a great time to start learning [how to use `prepare()/execute()`](http://www.php.net//manual/en/mysqli.prepare.php)for parameterized queries in MySQLi. – Michael Berkowski Jun 10 '14 at 16:20
  • Thank you so much @MichaelBerkowski ! Such a stupid mistake – user3700040 Jun 10 '14 at 16:23

0 Answers0