I'm receiving an error when running this code in PHP
I keep receiving some variant of this error message:
Warning: PDO::exec(): SQLSTATE[42000]: Syntax error or access violation:
1064 You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near
'@email.com",5,2)' at line 1 in C:\xampp\htdocs\donations\index.php on
line 31
The PHP it is referring to is this:
$db->exec("INSERT INTO donations(name, email, donation_amount, item_id)
VALUES(\"" . $_POST['name'] . "\"," . $_POST['email'] . "\"," .
$_POST['amount'] . "," . $_POST['radioButtons'] . ");");
Am I not escaping correctly or do I have too many quotes? Any help is
appreciated!
No comments:
Post a Comment