How to parse a string to insert a row into a mysql table?

Question

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount, company) VALUES (' . $_SESSION['user_id'] . ', '1', ' .    $row['product_id'] . ', ' . $saving . ', ' . $row['company'] . ')";

$retval = mysql_query( $sql, $connection );
    if(! $retval ){
        die('Could not enter data: ' . mysql_error());

}
        echo "Entered data successfully\n";

Trying to a string to insert a row into a table. Keep getting syntax errors.

Current error is:

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING

Downvoted, as you deleted a question whilst a comments conversation was in flow. Please don't do this. — halfer, Dec 04 '14 at 15:01

score 1 · Accepted Answer · answered Nov 28 '14 at 06:18

You should always prepare your variables in a good manner like below that is a good practice:

    $userId = $_SESSION['user_id'];
    $productId = $row['product_id'];
    $company = $row['saving'];
    $categoryId = 1;
    $savingAmount = $saving;

    $sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, 
    savings_amount, company) 
    VALUES ('$userId', 'categoryId', '$productId', '$savingAmount', '$company')";

score 1 · Answer 2 · edited May 25 '19 at 12:05

You are mixing quotes,

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount,   
        company) VALUES ('" . $_SESSION['user_id'] . "', '1', '" .    $row['product_id'] .  
        "', '" . $saving . "', '" . $row['company'] . "')";

Warning: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

score 1 · Answer 3 · answered Nov 28 '14 at 06:20

You concatinated your string wrong. What you want is this:

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount, company) VALUES ('" . $_SESSION['user_id'] ." ', '1', '" .    $row['product_id'] . "', '" . $saving . "', '" . $row['company'] . "')";

Alternatively you could simple wrap it in curly brackets ({}) like this:

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount, company) VALUES ('{$_SESSION['user_id']} ', '1', '{$row['product_id']}', '$saving ', '{$row['company']}')";

score 0 · Answer 4 · answered Nov 28 '14 at 06:19

0

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount, company) VALUES (' $_SESSION[user_id] ', '1', ' $row[product_id] ', ' $saving ', ' $row[company] ')";

answered Nov 28 '14 at 06:19

Mangesh Parte

2,179
1
12
16

score 0 · Answer 5 · answered Nov 28 '14 at 06:20

Your query is not proper. try

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, 
        savings_amount, company) VALUES ('". $_SESSION['user_id']."',1,
        '". $row['product_id'] ."', '". $saving . "', '". $row['company'] ."')";

score 0 · Answer 6 · answered Nov 28 '14 at 06:20

You have to use double quotes to end a string

$sql = "INSERT INTO user_saving_plans (user_id, catergory_id, product_id, savings_amount, company) VALUES ('" . $_SESSION['user_id'] . "', '1', '" .    $row['product_id'] . "', '" . $saving . "', '" . $row['company'] . "')";

How to parse a string to insert a row into a mysql table?

6 Answers6