0

my php code which is throwing errors is as follows:

$stmt = $con->prepare('INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')') ;

I have looked at other posts and it seems I am using the variables correctly with the single quotes around them however the following error is being shown when visiting the URL:

Parse error: syntax error, unexpected T_VARIABLE in /home/gbidjght/public_html
/insertRide.php on line 79

Any help is appreciated

Improve this question
2
  • 3
    Why not use placeholders and ->execute() for the values? Commented Apr 24, 2015 at 4:15
  • stackoverflow.com/questions/7537377/… Commented Apr 24, 2015 at 4:24

5 Answers 5

Reset to default
5

If you escaped the single quotes you would end up with the string literals "$address" and "$time" being inserted into your DB:

$stmt = $con->prepare('INSERT INTO listOfRides (address, time) VALUES (\'$address\', \'$time\')');

However assuming that they should be variables, you should use double quotes around your SQL statement to allow PHP to actually parse your variables as their values:

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES ('$address', '$time')");

That being said, since you're already preparing your statement, why not just use placeholders anyway? It'll be a safer way to protect against SQL injection.

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES (?, ?)");
$stmt->execute(array($address, $time));
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Tit for tat? Thanks @Fred-ii-
Well, sort of wink. However as truth may be and being a latest topic of discussion on meta, is the quality of answers lately. I'm not sure if you've seen it, but it's been a bit hot these passed few days. It's about these "Try this...." with drop-in code type of answers. I'm not fancy on that, as are many members on Stack who frequently help and provide answers/solutions. I've fallen victim to refused flags as VLQ, and not a happy camper. How will anyone learn how to feed themselves, if we don't show them "how to" fish. ;-) Cheers
4

change the outer quotes to double quotes 

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')") ;
Improve this answer

Comments

2

You can't put mysql ' in php '

Use this

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES 
('$address', '$time')") ;
Improve this answer

Comments

2

Because of the 's the error is coming. Add " instead of '.Try this - 

$stmt = $con->prepare("INSERT INTO listOfRides (address, time) VALUES ('$address', '$time')") ;
Improve this answer

Comments

2 
$stmt = $con->prepare("INSERT INTO `listOfRides` (`address`, `time`)
 VALUES 
($address, $time)") ;
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.