Trouble entering data into MySQL database with PHP

Question

I have been checking my syntax all night yet I can't seem to see what is wrong. I'm relatively new to all this and would appreciate nay help that may be provided. The error I'm getting is

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''ID','Name','Option','Sides') VALUES(NULL,'Denise','Chicken','Mashed Potat' at line 1"

My code is below:

<?php
include 'connect.php';

$name = $_POST['inputName'];
$opt = $_POST['inputOption'];
$side = $_POST['inputSides'];

if(!$_POST['Submit']) {
    echo "Please fill out the form.";
    header('Location: index.php');
} else {
    mysql_query("INSERT INTO people ('ID','Name','Option','Sides')
                VALUES(NULL,'$name','$opt','$side')") or die(mysql_error());
    echo "User has been added.";
    header('Location: index.php');
    }
?>

score 1 · Accepted Answer · edited May 23 '17 at 12:05

1

You're using the wrong identifiers for your columns:

('ID','Name','Option','Sides')

Either remove the quotes or wrap them in backticks.

(`ID`,`Name`,`Option`,`Sides`)

Plus, your present code is open to SQL injection.
Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.

Another thing; should you want to be entering apostrophes, use stripslashes() including mysql_real_escape_string(). The occasion may very well present itself; an insight.

Otherwise, SQL will throw another error.

edited May 23 '17 at 12:05

Community

1
1

answered Sep 26 '14 at 02:04

Funk Forty Niner

74,450
15
68
141

1

Thank you very much. I didn't even realize. Everything works flawlessly now. – John Moran Sep 26 '14 at 02:06

Trouble entering data into MySQL database with PHP

1 Answers1