Parse error: syntax error, unexpected 'INSERT' (T_STRING)

[kjetill6]

I made this basic code but I got a Parse error: syntax error, unexpected 'INSERT' (T_STRING)

 

if anyone knows how to fix this please reply

 

here is the full code:

 

<?php

$info = $_post ['Strøm'];

$info1 = $_post ['Spenning'];

$info2 = "localhost";

$info3 = "root";

$info4 = "123";

$info5 = "rom 206";

$info6 = "skap1';

$link = mysqli_connect($info2, $info3, $info4, $info5);

mysqli_query($link, "INSERT INTO $info6 (`ID`, `Strøm`, `Spenning`)

VALUES ('', '$info', '$info1')");

echo "Data registering";

?>

[Barand]

$info6 = "skap1';

         ^     ^

         |     |

     notice something odd?

[Ch0cu3r]

On line 8 you are not closing the string with a double quote  "  

$info6 = "skap1';
               ^
               |
  this needs to be a double quote "

PHP is case sensitive when it comes to  variables, so $_post is  not the same as $_POST. When using super global variables the variable name must be in uppercase. You would only use lowercase variables if you have defined a variable in lowercase

 

Also when using variables, try to use meaningful names which will describe the data being stored. For example the variables $info2, $info3, $info4, and $info5 are not meaningful on their own, I am forced to look further down the code to know what they are being used for. I see they are used for logging into mysql on line 9. As these contain credentials for logging into mysql it willl better to name these as $hostname, $username, $password, and $database.

 

$info6 will be better to be named as $table. But I do not see why you are storing the table name in a variable? The table name should be written in the query

 

Before using the $_POST values in your query you should first validate the data, ie checking to see if it does exists and contains what your expect it to be. If the does not meat your requirements you should not be executing the query, instead ouput an error. You should also sanitize the data or use a prepared query

 

Example of how your code should be

<?php
// variables containing mysql credentials
$hostname = "localhost";
$username = "root";
$password = "123";
$database = "rom 206";
// connect to mysql
$link = mysqli_connect($hostname, $username, $password, $database);

// on HTTP POST request (ie when form has been submitted)
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $error = array();

    // do basic validation, checking to see if the data exists and is not empty
    if(isset($_POST['Strøm']) && !empty(trim($_POST['Strøm'])))
    {
        $strom = $_POST['Strøm'];
    }
    // validation failed, set error message
    else
    {
        $errors[] = 'Please enter a value for Strøm';
    }

    // do basic validation, checking to see if the data exists and is not empty
    if(isset($_POST['Spenning']) && !empty(trim($_POST['Spenning'])))
    {
        $spenning = $_POST['Spenning'];
    }
    // validation failed, set error message
    else
    {
        $errors[] = 'Please enter a value for Strøm';
    }

    // check to make sure there are no errors after validation
    if(empty($errors))
    {
        // use prepared query for inserting the database
        $stmt = mysqli_prepare($link, "INSERT INTO skap1 (`Strøm`, `Spenning`) VALUES (?, ?)");

        // make sure mysqli_prepare did not return an error
        if($stmt)
        {
            // bind the variables to the query
            mysqli_stmt_bind_param($stmt, 'ss', $strom, $spenning);

            // execute insert query
            mysqli_stmt_execute();

            // check to make sure the query did insert a row
            if(mysqli_stmt_affected_rows ($stmt))
            {
                echo "Data registering";
            }
        }
        // mysqli_prepare returned an error
        else
        {
            // output error
            trigger_error('Query error: ' . mysqli_error($link));
        }
    }
    // $errors is not empty, output validation errors
    else
    {
        echo 'Cannot insert data!<br />' . implode('<br />', $errors);
    }
}