0

I am trying to add info I collect to my database. I was able to add all the int elements but i can't add "enonce" that is a varchar it give me this error:

Unknown column '(the text)' in 'field list'

html code

<form><input type="text" name="noquestion" placeholder="Enter no question "/></form>

php code

$enonce=  $_POST["enonce"] ;
$sql='  INSERT INTO question (noquestion,enonce,niveau,idlangage,idadmin) VALUES ('.$noquestion.','.$enonce.',' .$niveau.','.$idlangage.','.$idadmin.')';
ADyson
  • 57,178
  • 14
  • 51
  • 63
light 06
  • 1
  • 1
  • 1
    This code is dynamically building the SQL statement, which means it's open to SQL injection and the actual runtime SQL code could be anything. Please provide the actual runtime SQL code that's producing the error. – David Jul 10 '21 at 15:47
  • 1
    The error also doesn't seem to match the SQL you have shown us, at all. Also this has nothing to do with phpMyAdmin, your code talks directly to the mysql database, it does not involve the phpMyAdmin administration application. I've corrected your terminology in the question. – ADyson Jul 10 '21 at 15:49
  • 1
    P.s. urgent, required reading to fix the security issues with this code: https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – ADyson Jul 10 '21 at 15:51
  • the error is coming from the website and it's instantly, but when I remove the" enonce" variable from the query it's running just fine idk if I answered your question – light 06 Jul 10 '21 at 15:55
  • 1
    @light06: *"idk if I answered your question"* - You did not. Consider that the code you're showing us is **not** SQL code. It is PHP code which *generates* SQL code. If that SQL code is failing then your first step in debugging/diagnosing the issue is to examine what that resulting SQL code is. – David Jul 10 '21 at 16:06
  • "noquestion" in `name="noquestion"` doesn't match "enonce" in `$_POST["enonce"]`. Lesson one when you learn about forms and PHP is that the field names you look for in the PHP code must match the ones you provided in the form. It's not magic, they simply have to match otherwise PHP can't find the value. That is likely to be contributing to your problem, although it's hard to see how it could have caused the specific error you mentioned. – ADyson Jul 10 '21 at 16:14
  • 1
    More required reading: http://www.phpknowhow.com/basics/basic-debugging/ and https://stackoverflow.com/questions/845021/how-can-i-get-useful-error-messages-in-php – ADyson Jul 10 '21 at 16:16
  • (although I think you might have the last link covered already if you're getting that SQL error out) – ADyson Jul 10 '21 at 16:28

1 Answers1

1

the name of the input field must match the $_POST index.

<form><input type="text" name="enonce" placeholder="Enter no question "/></form>

ATTENTION

as the other commenters stated, this is a SQL-injection prune code. for the sake of your code security you must read about SQL-injection and how to prevent it. the suggested link is a good start How can I prevent SQL injection in PHP?

Ahmad Tawila
  • 862
  • 9
  • 15