asherinho Posted August 1, 2007 Share Posted August 1, 2007 please help me with this error. [attachment deleted by admin] Link to comment https://forums.phpfreaks.com/topic/62795-script-vs-database/ Share on other sites More sharing options...
btherl Posted August 1, 2007 Share Posted August 1, 2007 $query="INSERT INTO viewz(name,title,mail,choice,comments,) VALUES('$_POST[name]','$_POST[title]','$_POST[mail]','$_POST[choice]', '$_POST[comments]')"; Instead, try this: $query="INSERT INTO viewz(name,title,mail,choice,comments) VALUES('{$_POST['name']}','{$_POST['title']}','{$_POST['mail']}','{$_POST['choice']}', '{$_POST['comments']}')"; Changes: Remove comma after comments. Add {} around variables Add '' around array indexes for $_POST This doesn't handle escaping of the input data, so it's not secure. It is vulnerable to mysql injection. Link to comment https://forums.phpfreaks.com/topic/62795-script-vs-database/#findComment-312606 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.