I'm trying to insert some info into a table but I get this error.
This is the code:
Line 16 is where it says "VALUES"
Yeah and I know this is SQL injection prone - I'll add defense once someone helps me get rid of this bug.
+Rep if you can help me fix problem.
Code:
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/www/site.com/database/insert2.php on line 16
This is the code:
PHP:
<html>
<body>
<?php
if ($_POST['password']=="passremoved")
{
$con = mysql_connect("mysql2.freehostia.com","andjen3_database","passremoved");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("andjen3_database", $con);
mysql_query("INSERT INTO photos (title, date, color, dimensionx, dimensiony, photographer, call, tag1, tag2, tag3, tag4, tag5, tag6)
VALUES ($_POST['title'], $_POST['date'], $_POST['color'], $_POST['dimensionx'], $_POST['dimensiony'], $_POST['photographer'], $_POST['call'], $_POST['tag1'], $_POST['tag2'], $_POST['tag3'], $_POST['tag4'], $_POST['tag5'], $_POST['tag6'])");
mysql_close($con);
echo 'Photo has been added! <a href="http://anmanproductions.freehostia.com/database>Go back to the database.</a>';
}
else
{
echo "Sorry invalid password.";
}
?>
</body>
</html>
Line 16 is where it says "VALUES"
Yeah and I know this is SQL injection prone - I'll add defense once someone helps me get rid of this bug.
+Rep if you can help me fix problem.