How to insert a new row into table where values are variables?

Question

I am trying to INSERT a new row into table using variables, like this-

$name = $_POST['name'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$password = $_POST['password'];
$gender = $_POST['gender'];
if($name && $surname && $email && $password){
    $dbhost = 'localhost';
    $dbuser = 'root';
    $dbpass = '';
    $db = '_erica';
    $conn = new mysqli($dbhost, $dbuser, $dbpass,$db);
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    };

    $sql = 'INSERT INTO login(id, name, surname, email, sex, password) VALUES (Null,$name,$surname,$email,$gender,$password)';

    if ($conn->query($sql) === TRUE) {
        echo "New record created successfully";
    }else {
        echo "Error: " . $sql . "<br>" . $conn->error;
    }

}else{
    die('All fields requiret!');
}; 

But it does not work, I have tried to add quotes around variables like this

 $sql = 'INSERT INTO login(id, name, surname, email, sex, password) VALUES(Null,"$name","$surname","$email","$gender","$password")';

still nothing... what could I do?

Answer 1

Try this,

$sql = 'INSERT INTO login(id, name, surname, email, sex, password) VALUES(NULL,"'.$name.'","'.$surname.'","'.$email.'","'.$gender.'","'.$password.'")';

Or (use double quotes outside instead of single quotes)

$sql = "INSERT INTO login(id, name, surname, email, sex, password) VALUES(NULL,$name,$surname,$email,$gender,$password)";

Answer 2

Use this. Just change single quotes with double quotes

$sql = "INSERT INTO login(id, name, surname, email, sex, password) VALUES (Null,$name,$surname,$email,$gender,$password)";