Variables Combined with String in SQL statements

[Petty_Crim]

I get this error "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , , , , , , )' at line 1"

 

My sql statement is this:

mysql_query("INSERT INTO players (player_id, match_id, kills, deaths) VALUES ('$user_id', ".$_POST['match_id'].",".$_POST['kills$username'].", ".$_POST['deaths$username'].")") or die ('Error adding new player '.mysql_error());

 

I'm thinking it must be to do with me combining string and variables together.

So is ".$_POST['kills$username']." correct?

[rajivgonsalves]

you forgot the single quotes

 

mysql_query("INSERT INTO players (player_id, match_id, kills, deaths) VALUES ('$user_id', '".$_POST['match_id']."','".$_POST['kills$username']."', '".$_POST['deaths$username']."')") or die ('Error adding new player '.mysql_error());

 

I would prefer doing

 

mysql_query("INSERT INTO players (player_id, match_id, kills, deaths) VALUES ('$user_id', '{$_POST['match_id']}','{$_POST['kills$username']}', '{$_POST['deaths$username']}')") or die ('Error adding new player '.mysql_error());

 

however your errors shows there are no values coming in check you $_POST array

[sasa]

change ".$_POST['kills$username']." to ".$_POST["kills$username"]."