Can any one tell me whats wrong here in the code

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP



Can any one tell me whats wrong here in the code



Please let me know whats wrong here.



Getting this error:



Please Check Your Query when submitting


<?php

if ( isset( $_POST[ 'submit' ] ) )
if ( empty( $_POST[ 'subcat' ] ) )
echo '<span style="color: red;"> Please Fill in the Category Name</span> ';
else


$subcat = $_POST[ 'subcat' ];


$query = " insert into subcategory (scatname) values('$subcat')";
$result = mysqli_query( $con, $query );

if ( $result )
echo '<span style="color: green;">Category Added Successfully</span>';
else
echo ' Please Check Your Query ';




?>

<form method="post" action="">
<div class="form-group">
<lable>Sub Category Name</lable>
<input type="text" class="form-control" name="subcat"/>
</div>
<div class="form-group">
<lable>Select Category</lable>
<select class="form_control" name="cat">
<?php

$query="select * from category";
$sql=mysqli_query($con,$query);
if(mysqli_num_rows($sql)>0)
while($row=mysqli_fetch_assoc($sql))



?>
<option value="<?php echo $row['cid']; ?>">
<?php echo $row['catname']; ?>
</option>
<?php


?>
</select>
</div>


<div class="form-group">
<button class="btn btn-primary" name="submit">Submit</button>

</div>

</form>
</div>

</div>





Please edit your question to format your code as code,
– Dragonthoughts
Aug 6 at 9:43


code





??? explain please
– s singh
Aug 7 at 6:35





What are you getting and what are you expecting?
– Dragonthoughts
Aug 7 at 13:26





need to to know whats wrong in the code as i am not able to add subcategories by selecting categories getting error - please check query not able to get whats wrong
– s singh
Aug 8 at 4:58





1 Answer
1



The query fails because you didn't escape the string $subcat.


$subcat


$subcat = mysqli_real_escape_string($con, $_POST[ 'subcat' ]);

$query = "INSERT into subcategory (scatname) VALUES ('$subcat')";
$result = mysqli_query( $con, $query );



You can read more about it here:
http://php.net/manual/en/mysqli.real-escape-string.php






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

Popular posts from this blog

Firebase Auth - with Email and Password - Check user already registered

Dynamically update html content plain JS

Creating a leaderboard in HTML/JS