Inserting form variables into mysql database query string

I was working with a form where I need to insert some form variables in my MySQL database. Inserting data into database is not any problematic issue. But as I had to insert dynamic data contained by the form variables, I faced a little problem. The solution is very very simple! 🙂

//variables will contain the data stored in the form variable id, hod, status
$soid = $_POST['id']; 
$employeeid = $_POST['hod'];	
$statusto = $_POST['status'];
// the is the SQL query to insert into database

$sql = "INSERT INTO `service_order`.`change_log` (`service_order_id`, `employee_id`, `changed_to`) VALUES ('".$soid."', '".$employeeid."', '".$statusto."')";

the most important thing is — putting the dot(.) and double quotation(“) and single quotation(‘) around the variables $soid, $employeeid and $satusto

For not using these three symbols properly, I found errors in my program


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s