Why do I get an error in PHP even when data is being successfully inserted in my database?
This is the error: The values are successfully being added to the table however I still get this error,
Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘?, ?, NOW(), ?)’ at line 1
My mySql connection is fine too, This is the code i have written
$title = mysqli_real_escape_string($conn, $_POST['title']); $desc = mysqli_real_escape_string($conn, $_POST['desc']); $category = mysqli_real_escape_string($conn, $_POST['category']); $filename = $_FILES['thumbnail']["name"]; $tempName = $_FILES['thumbnail']["tmp_name"]; $folder = '../post-content/thumbs/'. $filename; move_uploaded_file($tempName, $folder); $fieldEmpty = "Please fill all fields!"; $success = "Thank you for signing up!!"; if($title == "" || $desc == "" || $category == "") { $_SESSION["fieldEmpty"] = $fieldEmpty; header("location: ../create-post.php"); die(); } else{ $sql = "INSERT INTO posts (post_title, post_desc, post_date , post_thumb ) VALUES (?, ?, NOW(), ?);"; $stmt = mysqli_stmt_init($conn); if(!mysqli_stmt_prepare($stmt, $sql)) { echo "Sql Error"; die(); } else { mysqli_stmt_bind_param($stmt,"sss",$title,$desc,$folder); mysqli_stmt_execute($stmt); } if(mysqli_query($conn,$sql)){ $_SESSION["success"] = $success; header("location: ../create-post.php"); } else{ echo "Error: ". mysqli_error($conn); die();ac } }
The sql must be $sql = "INSERT INTO posts (post_title, post_desc, post_date , post_thumb ) VALUES (?, ?, NOW(), ?) " ;
.
There is no (;) after values just (").