-1
insert into  `patient` ( `pat_f_name`, `pat_l_name`, `pat_gender`, `pat_age`, `pat_dob`, `pat_blood_grp`, `pat_weight`, `pat_contact_no`, `pat_address` )
    ->  VALUES
    ->  ('$user_fname','$user_lname','$user_gender','$user_age','$user_dob','$user_bg','$user_weight','$user_contact_no','$user_address');

ERROR 1366 (HY000): Incorrect integer value: '$user_age' for column 'pat_age' at row 1

the table looks like

+----------------+-------------+------+-----+---------+----------------+
| Field          | Type        | Null | Key | Default | Extra          |
+----------------+-------------+------+-----+---------+----------------+
| pat_id         | int(50)     | NO   | PRI | NULL    | auto_increment |
| dr_id          | int(50)     | NO   |     | NULL    |                |
| pat_f_name     | char(20)    | NO   |     | NULL    |                |
| pat_l_name     | char(20)    | NO   |     | NULL    |                |
| pat_gender     | char(20)    | NO   |     | NULL    |                |
| pat_age        | int(20)     | NO   |     | NULL    |                |
| pat_dob        | date        | NO   |     | NULL    |                |
| pat_blood_grp  | varchar(10) | NO   |     | NULL    |                |
| pat_weight     | int(10)     | NO   |     | NULL    |                |
| pat_contact_no | varchar(12) | NO   |     | NULL    |                |
| pat_address    | varchar(20) | NO   |     | NULL    |                |
+----------------+-------------+------+-----+---------+----------------+
Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
Sadaf Ali
  • 1
  • 3
  • 1
    Seems like you want to get rid of the quotes around the php variables – The F Jul 03 '17 at 21:44
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Jul 03 '17 at 21:46

1 Answers1

0
$sql = "INSERT INTO patient(pat_f_name, pat_l_name, pat_gender, pat_age, pat_dob, pat_blood_grp, pat_weight, pat_contact_no, pat_address) VALUES ('$user_fname','$user_lname','$user_gender','$user_age','$user_dob','$user_bg','$user_weight','$user_contact_no','$user_address')";
Muhammad Usman
  • 1,403
  • 13
  • 24