Error in your SQL syntax - using Object Oriented MYSQL query

[V]

I'm modifying all my old MYSQL code into object oriented but I can't get it to work when inserting into the DB. The code below is for inserting a new post into a posts table.

 

require_once("functions.php");

$connection = dbConnect(); //DB connect function

if ($_REQUEST["submit"]) {  
    
$category = mysql_escape_string(strip_tags($_POST["cat_id"]));
        $title = mysql_escape_string(strip_tags($_POST["post_title"]));
$content = mysql_escape_string(strip_tags($_POST["post_content"],
                                              "<a><i><b><img>"));

	if (!$category || !$title || !$content) {
		echo "Please go back and submit a new post.";
		exit;
	}

    $sql = "INSERT INTO posts
                 (cat_id, post_title, post_date, post_content)
          VALUES ('$category', '$title', NOW(), '$content')";
	  
	        $result = $connection->query($sql) or die(mysqli_error($connection));

		$id = mysql_insert_id($connection);
		header("Location: single_post.php?post=$id");

}

 

 

When I try to submit a new post I get

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

 

but it works when I remove

 

$id = mysql_insert_id($connection);
	header("Location: single_post.php?post=$id");

 

Not sure what I'm doing wrong :-\

[Mchl]

You're mixing mysql_* and mysqli_* functions.

[V]

Oooh! I didn't know there were 2 versions. Thanks Mchl!

[Mchl]

Well... there are... You'll probably want to stick with mysqli_*

[V]

Yup I read that it's improved

[Mchl]

That's what they call it anyway...

However, you can use it entirely in OOP manner, which is a cool thing.