sql - postgresql and INSERT variables -
i'm close stuck. pull user name drupal , store in variable called $username, want store in column called username. below code throws error
$sql = "insert sheet_tbl (site_id, user_id, eventdate, eventtime, username) values ('$_post[site_id]','$_post[user_id]','$_post[eventdate]','$_post[eventtime]',$username)"; error
warning: pg_query() [function.pg-query]: query failed: error: syntax error @ or near ")" @ character 112 in /var/www/html/drupal1/includes/common.inc(1743) : eval()'d code on line 30. i pull user name using:
user name: <?php global $user; echo $user->name; $username = $user->name; ?> if echo variable result = admin
you did not put username in quotes. replace
,$username)"; with
,'$username')"; and btw should not put unescaped user input in sql statements. can lead sql injections. see here
Comments
Post a Comment