Error when inserting into sql database using php

Question

I have a program with a MySQL insert query:

        $sql = "INSERT INTO people (person_id, name, username, password, email, salt)
                VALUES ($person_id, $name, $username, $password, $email, $salt)";
        if ($con->query($sql) === TRUE) {
            successful();
        } else {
            unsuccessful("Error: " . $sql . "<br>" . $con->error);
        }

When I run the code I get this error:

Error: INSERT INTO people (person_id, name, username, password, email, salt) VALUES (2, Tom Jack, tjack95, 8a01fc598a676a249c5844bd3baf4f4d83cecdf2, tom@tommy.com, eb694539989fda2e17f79e70fb306f8911c3dee5)
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Jack, tjack95, 8a01fc598a676a249c5844bd3baf4f4d83cecdf2, tom@tommy.com, eb69' at line 2

The sql insert looks completely fine to me. What is the problem?

Either quote your string values or better use Prepared Statements — juergen d, Oct 24 '14 at 17:43

score 4 · Accepted Answer · answered Oct 24 '14 at 17:43

4

You're missing quotes around your string values:

$sql = "INSERT INTO people (person_id, name, username, password, email, salt)
            VALUES ($person_id, '$name', '$username', '$password', '$email', '$salt')";

answered Oct 24 '14 at 17:43

John Conde

217,595
99
455
496

YES!!! Thank you so much. I will accept your answer when I am able to in 11 mins. – kabeersvohra Oct 24 '14 at 17:45

Error when inserting into sql database using php

1 Answers1

Linked

Related