Jump to content

Parse error: syntax error, unexpected '$_POST' (T_VARIABLE) in C:\xampp\htdocs\DBINSERT.php on line 11


ksweety2012
Go to solution Solved by Ch0cu3r,

Recommended Posts

<?PHP

 

$user_name = "ganga";

$password = "gangamma";

$database = "ganga";

$server = "localhost";

 

$conn = mysql_connect($server, $user_name, $password);

 

print "Connection to the Server is now opened";

$sql = 'INSERT INTO `ganga`(`eno`, `ename`) VALUES ('$_POST[eno]','$_POST[ename]')';

mysql_select_db('ganga',$conn);

$retval = mysql_query( $sql, $conn );

echo "Entered data successfully\n";

mysql_close($conn);

?>

 

Getting php error: Parse error: syntax error, unexpected '$_POST' (T_VARIABLE) in C:\xampp\htdocs\DBINSERT.php on line 11

help this please...gangadhara

Edited by ksweety2012
Link to comment
Share on other sites

  • Solution

Never use raw $_POST variables in your query. You should sanitize them before using them.

$eno = mysql_real_escape_string($_POST['eno']);
$ename= mysql_real_escape_string($_POST['ename']);
$sql = "INSERT INTO `ganga`(`eno`, `ename`) VALUES ('eno','$ename')";

Another thing you should be doing is to validate them. You should check they exists and are in the format your expect. 

 

NOTE: the mysql_* functions are deprecated, meaning they are not longer supported and could soon be removed complete from future version of PHP. I recommend you to use either PDO or MySQLi instead.

Link to comment
Share on other sites

Thank you soooo much...... 

 

 

Record updated in mysql db, but eno is saved as 0 instead of 18 (which i enered actual eno.).

 

 

my form.html page code is like this:

 

html>
<body>
A small example page to insert some data in to the MySQL database using PHP
<form action="DBINSERT.php" method="post">
Eno<input type="number" name="eno" /><br><br>
Ename: <input type="text" name="ename" /><br><br>
 
<input type="submit" />
</form>
</body>
</html>
 
 
Please look into the code where i used input type="number" name='eno"
 
and I passed eno as 18. but database took as 0, 
 
regards,
Link to comment
Share on other sites

My bad 'eno' in the query should off been '$eno'. In fact, if eno should be a number then validate that it is number first

 

This is an example of how you should be sanitize/validate your data before using it in your query

<?php
 
$user_name = "ganga";
$password = "gangamma";
$database = "ganga";
$server = "localhost";
 
$conn = mysql_connect($server, $user_name, $password);
mysql_select_db('ganga',$conn);

// check a post request has been made before using $_POST values
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $errors = array();

    // check eno isset and is has a numeric value (is a number)
    if(isset($_POST['eno']) && is_numeric($_POST['eno']))
    {
        // cast value to an interger (whole number)
        $eno = intval($_POST['eno']);
    }
    // eno is not set, or is not a numberic value
    else
    {
        // set error message
        $errors[] = 'eno must be a number';
    }

    // check ename isset and is not an empty value
    if(isset($_POST['ename']) && !empty($_POST['ename']))
    {
        // sanitize
        $ename = mysql_real_escape_string($_POST['ename']);
    }
    // ename is not set, or is empty
    else
    {
        // set error message
        $errors[] = 'ename cannot be empty.';
    }

    // if there are no errors after validation, then insert data into database
    if(empty($errors))
    {
        $sql = "INSERT INTO `ganga`(`eno`, `ename`) VALUES ($eno, '$ename')";
        $retval = mysql_query( $sql, $conn );
        if($retval)
            echo "Entered data successfully\n";
    }
    // there are are errors
    else
    {
        // display error message(s)
        echo "Invalid data provided:<br />" . implode('<br />', $errors);
    }
}
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.