PHP - mysql insert syntax error

Asked Jun 30 '16 at 02:14

Active Jun 30 '16 at 02:14

Viewed 27 times

I'm having trouble submitting some data to MySQL via php, i get the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'signal values('123', 'NOW()', 'abc')' at line 1

this is the php code:

<?php
$uid = $_POST['selected_user'];
$signal_type = $_POST['signal_type'];
$query_search = "insert into signal values('$signal_type', NOW(), '$uid')";
$query_exec = mysql_query($query_search) or die (mysql_error());
?>

this is the table:

asked Jun 30 '16 at 02:14

WKcho

4

`signal` is a reserved word. – Darwin von Corax Jun 30 '16 at 02:16
3

surround the puppy with back ticks (upper left of keyboard). Concern yourself with the ones with an (R) ---> https://dev.mysql.com/doc/refman/5.5/en/keywords.html – Drew Jun 30 '16 at 02:16
Higher Power be praised, Riz is awake. – Drew Jun 30 '16 at 02:19
@Drew It is 4 o' clock in the morning, of course I'm awake :) – Rizier123 Jun 30 '16 at 02:19
1

You might want to verify your POST variables before using them, not to mention that your code is prone to SQL injection. Additionally, `mysql_*` functions are deprecated. You should use `mysqli_*` or PDO functions instead. If you use the newer functions and use prepared statements and bound variables, your code will be much safer. – Sgt AJ Jun 30 '16 at 02:20

PHP - mysql insert syntax error

0 Answers0