SQL syntax error. check corresponds to MYSQL server

Question

I try to do a form which can insert data into database. After I insert a dummy data the is come out.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax

This error are make me in trouble. My database are not inserted any record

<?php

    $db = "assignment";
    $table = "column";

    $conn = mysqli_connect("localhost","root","");
    mysqli_select_db($conn,$db);

        $Title = $_POST['title'];
        $Author = $_POST['author'];
        $Country = $_POST['country'];
        $Date = $_POST['date'];
        $Abstract = $_POST['abstract'];
        $Problem = $_POST['rproblem'];
        $Aim = $_POST['raim'];
        $Objectives = $_POST['robjective'];
        $Type = $_POST['rstudies'];

    if(isset($_POST['rmethod'])){
        $method = implode(",",$_POST['rmethod']);
    }else{
        $method = "";
    }

    $sql = "INSERT INTO '$table' (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
            VALUES ('$Title','$Author,'$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";

    mysqli_query($conn,$sql);

    if (!mysqli_query($conn,$sql)){
        die('Error: ' . mysqli_error($conn));
    }else{
        echo "Data Added";
    }
    mysqli_close($conn);

    ?>

score 3 · Accepted Answer · edited May 23 '17 at 12:04

3

You've set your $table variable inside single quotes while using a reserved word, column for your table name $table = "column";

Use backticks around it, like so:

INSERT INTO `$table`

either do that or give your table another name.

Read the manual about table and column identifiers

You also have a quote missing here '$Author, so do '$Author',

Also, you can remove mysqli_query($conn,$sql); since you're already using
if (!mysqli_query($conn,$sql))

Footnotes:

Your present code is open to SQL injection. I strongly suggest that you use prepared statements, or PDO with prepared statements.

edited May 23 '17 at 12:04

Community

1
1

answered Jul 30 '14 at 04:31

Funk Forty Niner

74,450
15
68
141

now the new error are come out. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Malaysia','','','','','','Observational','')' at line 2 – William Lee Jul 30 '14 at 04:36
@WilliamLee You also have a quote missing here `'$Author,` so do `'$Author',` – Funk Forty Niner Jul 30 '14 at 04:40
@WilliamLee you need to accept/upvote helpful answers – Rakesh Sharma Jul 30 '14 at 04:46
I was going nuts with a similar problem. In my case, I had `Load='test'` and as soon as I changed it to `\`Load\`='test'` it worked. – Morfinismo Mar 03 '20 at 02:04
@Morfinismo I have to admit that I also ventured down that road at the beginning. From then on, I found the reference for it, and ["LOAD" is indeed a MySQL reserved word](https://dev.mysql.com/doc/refman/8.0/en/keywords.html#keywords-8-0-detailed-L). Glad to know that the Q&A here served you well, *cheers!* – Funk Forty Niner Mar 03 '20 at 02:41

score 0 · Answer 2 · edited May 23 '17 at 11:50

0

Try this

$sql = "INSERT INTO $table (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
            VALUES ('$Title','$Author','$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";

The table name or column name must enclose them in back-ticks (`) and not in single quotes or double quotes. Otherwise don't wrap them.Simply try like above.And if you are using reserved keywords as table name or column name then you must enclose them in back-ticks.And its better not to use any reserve keyword.So if you can change the name then it will be the best choice.You are using two reserve keywords in your query. Your table name and date column. Both are keywords

You can check my answer here for more

edited May 23 '17 at 11:50

Community

1
1

answered Jul 30 '14 at 04:31

웃웃웃웃웃

11,829
15
59
91

but there are still the same problem. – William Lee Jul 30 '14 at 04:32
can you post the error message you are getting and try to echo your query and see what query is executing – 웃웃웃웃웃 Jul 30 '14 at 04:33
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Malaysia','','','','','','Observational','')' at line 2 – William Lee Jul 30 '14 at 04:37
you are missing the closing quotes of `'$Author` – 웃웃웃웃웃 Jul 30 '14 at 04:40

Rakesh Sharma · Answer 3 · 2014-07-30T04:45:31.383

0

Follow other answer you also missing ' on $author

$sql = "INSERT INTO `$table` (title,author,country,date,abstract,rproblem,raim,robjective,rstudies,rmethod)
            VALUES ('$Title','$Author','$Country','$Date','$Abstract','$Problem','$Aim','$Objectives','$Type','$method')";

Also better use to replace

mysqli_query($conn,$sql);
if (!mysqli_query($conn,$sql)){

to

$result = mysqli_query($conn,$sql);
if (!$result){

else your query will execute two time.

edited Jul 30 '14 at 04:45

answered Jul 30 '14 at 04:40

Rakesh Sharma

13,680
5
37
44

@Fred-ii- yeah thanks dude for clear i am bit confuse about this – Rakesh Sharma Jul 30 '14 at 04:48
You're welcome Rakesh. This one was a bit confusing, I must admit. – Funk Forty Niner Jul 30 '14 at 04:50

SQL syntax error. check corresponds to MYSQL server

3 Answers3