why is insert into not working

Question

I made this code

<?php
  mysql_connect ("localhost","root","root");
  mysql_select_db ("new");
  $newusername=$_POST ['newusername'];
  $newpassword=$_POST ['newpassword'];
  $submit=$_POST ['submit'];
  if($submit) {
    $newaccount= "INSERT INTO users (name,password) VALUES ("$newusername","$newpassword")";
    $result=mysql_query($newaccount);
    if ($result) {
      print "account has been created"."<meta http-equiv="refresh" content="5;login.php">";
    }
    else {
      echo " The account is already exist";
    }
  }
?>

but it says error on line 8 which is " insert into" line

Answer 1

There is a problem with double quotes. You can add concatenation:

$newaccount = "INSERT INTO users (name,password) VALUES ('" . $newusername . "','" . $newpassword . "')";

P.S. Don't use mysql_* functions (mysql extension is deprecated), use mysqli_* instead.

Answer 2

You used wrong quoting:

$newaccount= "INSERT INTO users (name,password) VALUES ('$newusername','$newpassword')";

Answer 3

Sorting out the quotes and using mysql_real_escape_string to sanitise the input (and prevent an easy SQL injection attack):-

<?php
mysql_connect("localhost","root","root");
mysql_select_db ("new");
$newusername = mysql_real_escape_string($_POST['newusername']);
$newpassword = mysql_real_escape_string($_POST['newpassword']);
$submit = $_POST['submit'];
if($submit) 
{
    $newaccount = "INSERT INTO users (name, password) VALUES ('$newusername', '$newpassword')";
    $result = mysql_query($newaccount);
    if ($result) 
    {
        print "account has been created"."<meta http-equiv='refresh' content='5;login.php'>";
    }
    else 
    {
        echo " The account is already exist";
    }
}
?>

Answer 4

$newaccount= "INSERT INTO users (name,password) VALUES ("$newusername","$newpassword")";

TO

$newaccount= "INSERT INTO users (name,password) VALUES ('".$newusername."','".$newpassword."')";

OR TO

$newaccount= "INSERT INTO users (name,password) VALUES ('$newusername','$newpassword')";

Answer 5

<?php
    mysql_connect ("localhost","root","root");
    mysql_select_db ("new");
    $newusername=$_POST ['newusername'];
    $newpassword=$_POST ['newpassword'];
    $submit=$_POST ['submit'];
    if($submit) {
    $newaccount= "INSERT INTO users (name,password) VALUES ('".$newusername."', '".$newpassword."')";
    $result=mysql_query($newaccount);
    if ($result) {
    print "account has been created"."<meta http-equiv="refresh" content="5;login.php">";
    }
    else {
    echo " The account is already exist";
    }
    }
    ?>