Fatal error: Function name must be a string in _______ on line 20

Question

Here is my code and I don't know how to fix it, please help thanks! here is the par where the error is, it's on the line with $value.

    $db_selected = mysqli_select_db($link, DB_NAME);

    if (!$db_selected) {
    die('Can\'t use '. DB_NAME . ': ' .mysqli_error());
      } 

    $value = $_POST ('Name');
    $value2 = $_POST ('Email');
    $query= "INSERT INTO person (Name, Email) VALUES ('$value',      '$value2' )";

    if (!mysqli_query($query)) {
    die('Error: ' . mysql_error());
     }

Please provide more info (minimal, complete, verifiable code) and error stack trace — Pratham, Sep 14 '17 at 12:00

score 3 · Answer 1 · answered Sep 14 '17 at 09:38

You've got a syntax error on these lines:

$value = $_POST ('Name');
$value2 = $_POST ('Email');

$_POST is an array, so you need to use square brackets to access it, like so:

$value = $_POST['Name'];
$value2 = $_POST['Email'];

Using regular brackets tells PHP that you're trying to call a function with the value in the variable $_POST. Because it's an array, it's throwing an error.

I should also add that you've got a serious SQL injection vulnerability. See this answer for more details: How can I prevent SQL injection in PHP?

Also include about `mysql_error` to change this to `mysqli_error` — Niklesh Raut, Sep 14 '17 at 09:41

score 1 · Answer 2 · edited Sep 14 '17 at 09:42

1

I think you mean:

$value = $_POST['Name'];
$value2 = $_POST['Email'];

Notice the square brackets for $_POST instead of the parentheses you had.

edited Sep 14 '17 at 09:42

Niklesh Raut

34,013
16
75
109

answered Sep 14 '17 at 09:39

davidethell

11,708
6
43
63

Fatal error: Function name must be a string in _______ on line 20

2 Answers2