Insert - not written field in the table

Question

Insert - not written field in the table

INSERT INTO `jos1_content` 
  (`title`, `introtext`, `fulltext`, `state`, `sectionid`, `catid`, `attribs`)
VALUES  
  ($title, $introtext, $fulltext, 1, 1, $catid, 5)

The request consists of a PHP script. The output of the variables shows that they are not empty. When phpMyAdmin is requested, an error is displayed:

1064 - You have an error in the SQL syntax; check the manual that matches your version of MySQL server for the correct syntax,

+3

sql mysql mysql-error-1064

Geogo Dec 11 '10 at 22:04

source share

3 answers

You need to surround PHP variables that are inserted into string fields with quotes:

INSERT INTO `jos1_content` 
(`title`, `introtext`, `fulltext`, `state`, `sectionid`, `catid`, `attribs`)
VALUES  
('$title', '$introtext', '$fulltext', 1, 1, $catid, 5)

+7

Jacob Relkin Dec 11 '10 at 22:10

source share

Read the instructions in the manual for your programming language or use mysql_escape_string.

+3

Ssoon Dec 11 '10 at 23:30

source share

OMG Ponies · Accepted Answer · 2010-12-11T22:10:16+0000

You need to use single quotes to indicate strings in SQL - use:

INSERT INTO `jos1_content` 
  (`title`, `introtext`, `fulltext`, `state`, `sectionid`, `catid`, `attribs`)
VALUES  
  ('". $title ."', '". $introtext ."', '". $fulltext ."', 1, 1, $catid, 5)

Safer means would be to use:

$query = sprintf("INSERT INTO `jos1_content` 
                    (`title`, `introtext`, `fulltext`, `state`, `sectionid`, `catid`, `attribs`)
                  VALUES  
                   ('%s', '%s', '%s', 1, 1, %d, 5)",
        mysql_real_escape_string($title),
        mysql_real_escape_string($introtext),
        mysql_real_escape_string($fulltext),
        $catid);

Link:

Insert - not written field in the table

More articles: