parse error? (still)

lukeurtnowski

I'm still getting an error even after I corrected my mistakes,
INSERT into company VALUES('',$POST['company_name'], $POST['company_description'], $POST['company_state'], $POST['company_city'], $POST['contact_name'], $POST['contact_phone'], $POST['rationale'], $POST['poc'], $POST['contact_title'], $POST['contact_email'], $_POST['priority'])

Do you know why?
tk 😕

Matt_Kindig

You generally have to put string values in single-quotes, such that

INSERT into company VALUES('','{$_POST['company_name']}', // do other insert values like this....

Also, you might want to google search for SQL injection attacks--your code can easily permit malicious queries.

EDIT: Sorry didn't see your other post first. Anyway, make sure you make the above correction, and heed my comment on SQL injection.

hitman6003

What error are you getting?