1

Good afternoon all. I've been getting the following error when running the following INSERT INTO statement.

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , , , , )' at line 2

I'm totally stumped. Could this be anything to do with the incremental value I have in my table called 'id'?? Here's the code. Many thanks in advance!!

<?php
$con=mysqli_connect("localhost","root","root","wexdemo");

if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}


$name = mysqli_real_escape_string($_POST['name']);
$address = mysqli_real_escape_string($_POST['address']);
$area = mysqli_real_escape_string($_POST['area']);
$postcode = mysqli_real_escape_string($_POST['postcode']);
$sector = mysqli_real_escape_string($_POST['sector']);
$subsector = mysqli_real_escape_string($_POST['subsector']);
$contact = mysqli_real_escape_string($_POST['contact']);
$position = mysqli_real_escape_string($_POST['position']);
$email = mysqli_real_escape_string($_POST['email']);
$telephone = mysqli_real_escape_string($_POST['telephone']);

$sql="INSERT INTO employers (name, address, area, postcode, sector, subsector, contact, position, email, telephone)
VALUES ($name, $address, $area, $postcode, $sector, $subsector, $contact, $position, $email, $telephone)";

if (!mysqli_query($con,$sql))
{
  die('Error: ' . mysqli_error($con));
}
echo "1 record added";

mysqli_close($con);
?>
Improve this question
3
  • always try to debug your code,you can simply print your query and check what is the actual query that is executing Commented Apr 11, 2014 at 14:57
  • 1
    learn about prepared statements, it's really clever! Commented Apr 11, 2014 at 15:03
  • @PhilHowell: It would be best, if working with mysqli_prepare Commented Apr 11, 2014 at 15:19

4 Answers 4

Reset to default
3

Insert query values should be wrapped inside the ' single quote or "double quotes. 

$sql ="INSERT INTO employers (`name`, `address`, `area`, `postcode`, `sector`, `subsector`, `contact`, `position`, `email`, `telephone`)
 VALUES ('$name', '$address', '$area', '$postcode', '$sector', '$subsector',
       ..^
 '$contact', '$position', '$email', '$telephone')";

instead of 

$sql="INSERT INTO employers (name, address, area, postcode, sector, subsector, contact, position, email, telephone)
VALUES ($name, $address, $area, $postcode, $sector, $subsector, $contact, $position, $email, $telephone)";
Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

Hi Krish, I added the single quotes which took away the error message but the data is not being inserted correctly into the table. The auto incremental "id" column is the only data that appears on each row...
Can you post your table structure?
@PhilHowell: Before calling mysqli_query, debug with echo $sql;. That lets you know if proper data is being sent to database.
@KrishR I'm not sure how to do that. Could you kindly advise?
Please make sure you run this code only after the form submit, since you have used POST of values.
|
1

The values you're inserting need to be in single or double quotes, if their column type is string. Try this code:

$sql="INSERT INTO employers (name, address, area, postcode, sector, subsector, contact, position, email, telephone)
VALUES ('$name', '$address', '$area', '$postcode', '$sector', '$subsector', '$contact', '$position', '$email', '$telephone')";

The only values you probably don't want enclosed in quotes are those who have numeric values - i.e. probably $postcode and $telephone

Improve this answer

Comments

0

Variables should not be included in 'or "; I get the same error even though the query is populated and and looks right MyError: INSERT INTO dati_modelle VALUES (1, sonia, nota 1, 14, Height, 165, Bust, 60, Waist, 65, Hips, 60, Shoe, 33, Eyes, brown) You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1, 14, Height, 165, Bust, 60, Waist, 65, Hips, 60, Shoe, 33, Eyes, brown)' at line 1

Improve this answer

Comments

-1

$sql="INSERT INTO employers (name, address, area, postcode, sector, subsector, contact, position, email, telephone) VALUES ( " + "" + $name +"" + ", " + "" + $address +"" + ", " + "" + $area + "" + ", " + ""+ $sector + "" + ", " + ""+ $subsector+ "" + ", " + ""+$contact + "" + ", " + ""+$position +"" + ", " + ""+ $email + "" + ", " + ""+ $telephone + "" + ")";

Improve this answer

1 Comment

If that should be PHP code: please never recommend the usage of such highly insecure code

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.