0

my php code which is throwing errors is as follows:

$stmt = $con->prepare('INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')') ;

I have looked at other posts and it seems I am using the variables correctly with the single quotes around them however the following error is being shown when visiting the URL:

Parse error: syntax error, unexpected T_VARIABLE in /home/gbidjght/public_html
/insertRide.php on line 79

Any help is appreciated

Improve this question
2
  • 3
    Why not use placeholders and ->execute() for the values? Commented Apr 24, 2015 at 4:15
  • stackoverflow.com/questions/7537377/… Commented Apr 24, 2015 at 4:24

5 Answers 5

Reset to default
5

If you escaped the single quotes you would end up with the string literals "$address" and "$time" being inserted into your DB:

$stmt = $con->prepare('INSERT INTO listOfRides (address, time) VALUES (\'$address\', \'$time\')');

However assuming that they should be variables, you should use double quotes around your SQL statement to allow PHP to actually parse your variables as their values:

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES ('$address', '$time')");

That being said, since you're already preparing your statement, why not just use placeholders anyway? It'll be a safer way to protect against SQL injection.

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES (?, ?)");
$stmt->execute(array($address, $time));
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Tit for tat? Thanks @Fred-ii-
Well, sort of wink. However as truth may be and being a latest topic of discussion on meta, is the quality of answers lately. I'm not sure if you've seen it, but it's been a bit hot these passed few days. It's about these "Try this...." with drop-in code type of answers. I'm not fancy on that, as are many members on Stack who frequently help and provide answers/solutions. I've fallen victim to refused flags as VLQ, and not a happy camper. How will anyone learn how to feed themselves, if we don't show them "how to" fish. ;-) Cheers
4

change the outer quotes to double quotes 

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')") ;
Improve this answer

Comments

2

You can't put mysql ' in php '

Use this

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')") ;
Improve this answer

Comments

2

Because of the 's the error is coming. Add " instead of '.Try this - 

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES ('$address', '$time')") ;
Improve this answer

Comments

2 
$stmt = $con->prepare("INSERT INTO `listOfRides` (`address`, `time`)
 VALUES 
($address, $time)") ;
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.