Jump to content

Unknown column 'Bacon' in 'field list'


Recommended Posts

Hi Guys & Girls

I have this table:

$sql = "CREATE TABLE " . $Name . "(
ItemWeight VARCHAR(30) NOT NULL,
ItemPrice VARCHAR(5),
ItemDate DATE

& This Query:

$sql = "INSERT INTO Pantry (ItemName, ItemWeight, ItemPrice, ItemDate)
VALUES (" . $Name . ", " . $Weight . ", " . $Price . ", " . $Date . ")";

& the response I get is:

Error Updating table: Unknown column 'Bacon' in 'field list'.

I believe this to be an SQL issue but I don't know what or why. the HTML and PHP is below relating to this:

if (isset($_POST["Item"])){
    Add_Item($_POST["Item"], $_POST["Weight"], $_POST["Price"], $_POST["Date"]);
    echo "Nothing To do";
	<form action="ActionPage.php" method="POST">
        <input type="button" value="Create Pantry" onclick="CreatePantry()" />

		<label for="PantryID">Create Pantry: </label>
        <input type="text" id="PantryID" name="PantryID" disabled="true" />

        <input type="button" value="Add Item" onclick="AddItem()" />

        <label for="ItemName">Item Name: </label>
        <input type="text" id="Name" name="Item" />

        <label for="ItemWeight">Item Weight: </label>
        <input type="text" id="Weight" name="Weight" />

        <label for="ItemPrice">Item Price: </label>
        <input type="text" id="Price" name="Price" />

        <label for="ItemDate">Item BBE: </label>
        <input type="text" id="Date" name="Date"/>
        <input type="Submit" Value="Submit" />

Any help would be appreciated.

Edited by jahicki
Link to comment
Share on other sites

Given the array values from you previous topic, you should be aiming to generate an SQL string that looks like this

INSERT INTO Pantry (ItemName, ItemWeight, ItemPrice, ItemDate)
VALUES ('Bacon', 500, 3.25, '2020-12-12');

1 ) The $name needs to be inside single quotes otherwise it interprets bacon as a column name and not as a string value.

2 ) Your weight and price columns should be numeric types, not varchar (weight int, price decimal(10,2) ).

3 ) Your current date format of 12/12/2020 is not a valid DATE format. Your unquoted date string in that format is interpreted as "12 divide by 12  divide by 2020"

You current method of putting variables inside the SQL string is unsafe. Use prepared statements and pass the values as parameters EG

$stmt = $pdo->prepare(("INSERT INTO Pantry (ItemName, ItemWeight, ItemPrice, ItemDate)
                        VALUES (?,?,?,?)
$stmt->execute( [ $name, $weight, $price, $date ] );


Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.