syntax error, unexpected '$Name' (T_VARIABLE)

Question

syntax error, unexpected '$Name' (T_VARIABLE) error appears for this line

My query is-

$sql = "INSERT INTO person (Name,Email) VALUES ("$Name","$Email")";

score 1 · Answer 1 · answered Oct 12 '16 at 10:05

1

Use single quote in value

$sql = "INSERT INTO person (Name,Email) VALUES ("$Name","$Email")";

To

$sql = "INSERT INTO person (Name,Email) VALUES ('$Name','$Email')";

answered Oct 12 '16 at 10:05

Devsi Odedra

5,244
1
23
37

score 0 · Answer 2 · answered Oct 12 '16 at 10:05

You cannot use quote chars like that, the second one would terminate the string you define. Instead try using different types of quotes. That allows to actually have a quote character inside your defined string.

Take a look at this modified and working version:

$sql = "INSERT INTO person (Name, Email) VALUES ('$Name', '$Email')";

Be aware however that such creation of a sql statement smells very much of sql injection attack vulnerability...

syntax error, unexpected '$Name' (T_VARIABLE)

2 Answers2