0

i have tried this code to insert value into database, but i don't Know why, the value was not send into the databases. The table i have created in the mysql :

    <?php
    require_once "connection.php";
        $conn = connect();
        $db = connectdb();

    mysql_select_db($db,$conn) or die (mysql_error() . "\n");
    $query_usr = "select * from soalselidik";
    $usr = mysql_query($query_usr,$conn) or die(mysql_error()."\n".$query_usr);
    $row_usr=mysql_fetch_assoc($usr);

//to insert in database
    $a1=$_POST['a1'];
    $a2=$_POST['a2'];
    $a3=$_POST['a3'];
    $a4=$_POST['a4'];
    $b1=$_POST['b1'];
    $b2=$_POST['b2'];
    $b3=$_POST['b3'];
    $b4=$_POST['b4'];
    $c1=$_POST['c1'];
    $c2=$_POST['c2'];
    $c3=$_POST['c3'];
    $c4=$_POST['c4'];
    $d1=$_POST['d1'];
    $d2=$_POST['d2'];
    $d3=$_POST['d3'];
    $d4=$_POST['d4'];
    $e1=$_POST['e1'];
    $f1=$_POST['f1'];

    echo $query ="insert into soalselidik (a1,a2,a3,a4,b1,b2,b3,b4,c1,c2,c3,c4,d1,d2,d3,d4,e1,f1) values('$a1','$a2','$a3','$a4','$b1','$b2','$b3','$b4','$c1','$c2','$c3','$c4''$d1','$d2','$d3','$d4','$e1','$f1')";
    $result = mysql_query($query);

    echo "<script languange = 'Javascript'>
                    alert('thankyou ! Penilaian anda diterima ');
                    location.href = 'home.php';</script>";

    ?>
FatihahZabidi
  • 3
  • 2

1 Answers1

3
'$c4''$d1'

Find that in your query and fix it :) And please do some error checking, and please stop using MySQL_* for your own good. Why should people not run any error checking mechanism that's already provided in the language and expect others to debug typos?

In case you didn't get it, there's a comma missing

How can I prevent SQL injection in PHP?

Community
  • 1
  • 1
Hanky Panky
  • 46,730
  • 8
  • 72
  • 95
  • I just want to second the "stop using `MySQL_*` because it's very important. It's been deprecated, and you're way safer using another method. I prefer PDO myself. – muttley91 Sep 02 '14 at 03:26