Error in your SQL syntax; check the manual that corresponds to your MySQL server version

Question

HTML CODE

<!DOCTYPE html>
<html>
  <head>
    <style>
      #right
      {
      margin-top:109px;
      margin-right:225px;
      }
      #button
      {
      margin-right:;
      margin-top:22px;
      }
    </style>
  </head>
  <body>
    <div id="total" style="width:1350px">
      <div id="top" style="width:1350px;height:69px;background-image:url('top.png');float:;"></div>
      <div id="body" style="width:1350px;height:570px;background-image:url('body.jpg');float:;">
        <div id="right" style="background-color:;height:283px;width:320px;float:right;">
          <form action="new.php" method="post" >
            <input type="text" name="username" value="" size="37"  placeholder="username"style="height:20px"><br><br>
            <pre><input type="password" name="password" value="" size="37" placeholder="password"style="height:20px"> 
<div id="button"><input type="image" name="" value="submit" src="button.png" />  <input type="checkbox" value="check"><br></pre>
            </div>
          </form>
        </div>
      </div>
      <div id="footer" style="width:1350px;height:33px;background-image:url('footer.png');clear:both;"></div>
    </div>
  </body>
</html>

MY PHP CODE

<?php
$con=mysqli_connect("localhost","prabha","prabha","prabha");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$sql="INSERT INTO table (username, password)
VALUES
('$_POST[username]','$_POST[password]')";

if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
echo "1 record added";

mysqli_close($con);
?>

---

When i clicked on submit button after entering username:prabha password:passwordofprabha

It shows the following error. Please fix my code.

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'table (username, password) VALUES ('prabha','passwordofprabha')' at line 1

Answer 1

Use ` backticks for MYSQL reserved words...

table name "table" is reserved word for MYSQL...

so your query should be as follows...

$sql="INSERT INTO `table` (`username`, `password`)
VALUES
('$_POST[username]','$_POST[password]')";

Answer 2

Some special characters give this type of error, so use

$query="INSERT INTO `tablename` (`name`, `email`)
VALUES
('$_POST[name]','$_POST[email]')";