My Error info isnt being clear enough for me to understand the problemIs there anything worng here so i can continue on lookng for the probelm:

$sql = "INSERT INTO boards (
    title, genre, creator, tagline, intro, remessage, visability, recruitment, reqsheet, reqdice, reqgroup, ppweek)
    VALUES (
    $title, $genre, $creator, ". $tagline . ", $scene, $message, $vis, $rcrt, $sheet, $dice, $group, $ppw)";

    if ($conn->query($sql) === TRUE) 
        echo "New record created successfully";
        echo "<br>Error: " . $sql . "<br>" . $conn->error;

Recommended Answers

Enclose fieldnames in backticks and non-numerical values (some of your variables) in single quotes.

Jump to Post

All 4 Replies

Member Avatar

Enclose fieldnames in backticks and non-numerical values (some of your variables) in single quotes.

// ops! I just saw your reply Diafol! :D


can you share the error with us? Also: are you using MySQLi or PDO? The former returns boolean TRUE for successful inserts, the latter instead will return an object and your IF statement would fail because you're using the identical comparison operator === rather than the equal comparison operator ==.


@diafol if you dont mind, can you tell me why i needed those? for future reference.

Member Avatar

OK. Sometimes fieldnames or tablenames for that matter share their names with reserved words:

In this case, it could be ambiguous to the query parser, so we enclose fieldnames and tablenames in backticks.

Also, text-based fields, could break the query if they contained certain types of punctuation, especially commas. For this reason, all non-numericals are required to be enclosed with quotes.

It is vitally important that when you are using a bog-standard mysqli_query that all your variables are santized, or it could lead to SQL injection - very serious.

Consider using prepared statements, where this issue will not occur. I created a tutorial of various issues withregard to mysql here:

I should state, that most examples use PDO, but mysqli has equivalents.

commented: +1 by the way, I missed that MySQLi in the title +14
Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.21 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.