0

I'm trying to insert dates into a mysql database using PHP. However, the insert query brings up this error when I press submit on the form.

PHP Fatal error: Call to a member function format() on boolean

$show_date1 = DateTime::createFromFormat('d/m/Y', $publicexpiry)->format('Y-m-d');


$sql = "INSERT INTO " . $config_tbl_prefix . " subcontractor_qs (nameofcompany, mainaddress, natureofbiz, telnum, publicexpiry)

VALUES
('" . mysql_real_escape_string($nameofcompany) . "', " . mysql_real_escape_string($mainaddress) . ", '" . mysql_real_escape_string($natureofbiz) . ", '" . mysql_real_escape_string($telnum) . ", '" . mysql_real_escape_string($show_date1) . "')";

Any help would be greatly appreciated. I am using this code on another page with an update query and this works as it should. So I can't understand what's going wrong. I have tried other answers to similar questions but they don't work for me.

Ross
  • 66
  • 12
  • 1
    ***Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php).*** [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Oct 23 '17 at 14:54
  • 1
    [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***. Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Oct 23 '17 at 14:54
  • Anyway, you don't use the date ($show_date1) at all in your query ($sql) – nacho Oct 23 '17 at 14:57
  • @nacho I made a mistake when copying to this website. – Ross Oct 23 '17 at 14:58

0 Answers0