mysql查询语法错误

Question

"INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date) VALUES (".$category_id.", '$poster_id', '$topic_title', '$message', NOW()"; 

mysql_error() says that there is a problem with the syntax, however it might be something else. I'm gonna post the variables just so you know where they come from.

$message = $_POST['topic_message'];
$topic_title = $_POST['topic_title'];  
$category_id = $_GET['id'];

EDIT Changed it to

$topic_sql = "INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date) VALUES (".$category_id.", '$poster_id', '$username', '$topic_title', '$message', NOW())";

However it still doesn't work...

Answer 1

You're missing the closing paren for VALUES :

... NOW())";

There are other issues:

• The parameter count is incorrect
• Your query is vulnerable to injection since you are not using parameterized queries with PDO/mysqli

Answer 2

Maybe you list 6 columns but only give data for 5? And missing closing ).

Answer 3

Looks like you're missing a closing parenthesis and only inserting 5 values into 6 columns...

INSERT INTO forum_topics (category_id, poster_id, poster_username, topic_title, topic_content, date) 
VALUES (".$category_id.", '$poster_id', '$username', '$topic_title', '$message', NOW())

You missing the user name?