I need help with this code, it doesn't insert the values into my database.
Probably a simple problem but it's late here in Sweden so I would appreciate it if someone could have a look at this and tell me what's wrong:
include "../../inc/mysql_config.php";
$to = mysql_real_escape_string($_POST['to']);
$message = mysql_real_escape_string($_POST['message']);
mysql_query("INSERT INTO messages (to, message) VALUES ('".$to."', '".$message."')");
Every variable has a value, I double-checked that, and mysql_config.php is working.
MySQL error code:
You have an error in your SQL syntax;
check the manual that corresponds to
your MySQL server version for the
right syntax to use near ‘to, message)
VALUES (‘hubb’, ‘asd’)’ at line 1
Something that will give you a clue is to use the mysql_error() function, e.g.
I would recommend using a more recent library such as MySQLi or PDO (preferably PDO). Both of these have support for prepared statements, which makes the whole string escaping thing much easier and much more consistent.
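The insert from the question written with PDO prepared statements, as recommended above (an added example, not code from this thread). `to` is a reserved word in MySQL, so the example quotes it with backticks; the in-memory SQLite database and the `save_message` helper are assumptions made so the script runs without a server.

```php
<?php
// Added example, not the poster's code. Table and column names come from the
// question; the in-memory SQLite database is a stand-in (assumption). For
// MySQL, use a "mysql:host=...;dbname=...;charset=utf8mb4" DSN with your own
// credentials instead.
$db = new PDO('sqlite::memory:');
// Throw on SQL errors instead of failing silently, the PDO counterpart of
// checking mysql_error() after every query.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE messages (`to` TEXT NOT NULL, message TEXT NOT NULL)');

// Hypothetical helper: stores one message using bound parameters.
function save_message(PDO $db, string $to, string $message): void
{
    // `to` is quoted as an identifier because it is a reserved word in MySQL.
    // The values are bound, never spliced into the SQL text, so no manual
    // escaping is needed.
    $stmt = $db->prepare('INSERT INTO messages (`to`, message) VALUES (:to, :message)');
    $stmt->execute([':to' => $to, ':message' => $message]);
}

// Constructed sample input standing in for $_POST['to'] and $_POST['message'];
// the apostrophe shows that quoting is handled by the driver.
save_message($db, 'hubb', "it's late here in Sweden");

try {
    // The column list from the question, with `to` left unquoted.
    $db->prepare('INSERT INTO messages (to, message) VALUES (?, ?)')
       ->execute(['hubb', 'asd']);
    echo "unquoted column list accepted by this driver\n";
} catch (PDOException $e) {
    // With exceptions enabled the syntax error cannot go unnoticed.
    echo 'SQL error surfaced: ', $e->getMessage(), "\n";
}

foreach ($db->query('SELECT `to`, message FROM messages') as $row) {
    printf("%s <- %s\n", $row['to'], $row['message']);
}
```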