I’ve looked over this code a zillion times and can’t see anything wrong with it. But it gives me the message, “Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘when, name, reporter, contacts, suggestions, remarks) VALUES (‘Me again’, ‘me’, ‘ at line 1”
HELP PLEASE!
Sorry, sorry, I’m so Sooooooory! Was in a hurry to get to a job, and I pasted the wrong code. Here is the correct line of code.
$sql="INSERT INTO one_on_one_reports (whenever, name, reporter, contacts, suggestions, remarks) VALUES ('$_POST[whenever]', '$_POST[name]', '$_POST[reporter]', '$_POST[contacts]', '$_POST[suggestions]', '$_POST[remarks]')";
I’m in between driving runs. And gotta run again. But again my apologies for the wrong paste. I’ll consider the protection against injection later. This file is in a password protected folder if that makes any difference.
Bruce
Looks like the error is not coming from the query you expect. The field names mentioned in the error are not listed:
The error is quite simple, WHEN is a reserved keyword, you need to escape it.
Speaking of escaping, you’re not too strong on it, use the appropriate escape function on data to avoid SQL injections.