MySQLi_query syntax error

Question

Hi I have been trying to figure this out for hours... Here is the code:

function add_user($data) {
$user_table = USER_TABLE;
$first_name = ($data['first_name']);
$last_name =($data['last_name']);
$email_address = ($data['email_address']);
$drivers_license_id = ($data['drivers_license_id']);
$gender = ($data['gender']);
$password =($data['password']);
$query = "INSERT INTO $user_table (
        first_name,
        last_name,
        email_address,
        drivers_license_id,
        gender,
        password
    ) VALUES (
        '$first_name',
        '$last_name',
        '$email_address',
        '$drivers_license_id',
        '$gender',
        '$password')";
if (mysqli_query($connection,'$query',MYSQLI_USE_RESULT)) return true;
error_log("Failed to create user: " . mysqli_error($error_get_last));
return false;

I am receiving syntax error. I am not sure if I should return the query to false, or leave it as true. Undefined variable: link in C:\\xampp\\htdocs\\etc. on line 122 Notice: Undefined variable: connection in C:\\xampp\\htdocs\\etc. on line 122 Warning: mysqli_query() expects at most 3 parameters, 4 given in C:\\xampp\\htdocs

Answer 1

You're passing the string "$query" rather than passing the query itself. Your mysqli_query() should look like:

mysqli_query($connection,$query,MYSQLI_USE_RESULT)

Answer 2

mysqli_query($connection,'$query',MYSQLI_USE_RESULT) should be mysqli_query($connection,$query,MYSQLI_USE_RESULT)

I should mention this is potentially a very unsafe query. You do not appear to be sanitizing the variables you use, which would allow someone to attack you with sql injection.

Read this: https://www.troyhunt.com/everything-you-wanted-to-know-about-sql/

Answer 3

Try this code :

function add_user($data) {
    $connection = mysqli_connect('localhost','root','','database_name');
    $query = "INSERT INTO `USER_TABLE` (
        `first_name`,
        `last_name`,
        `email_address`,
        `drivers_license_id`,
        `gender`,
        `password`
    ) VALUES (
       $data['first_name'],
        $data['last_name'],
        $data['email_address'],
        $data['drivers_license_id'],
        $data['gender'],
        $data['password'])";
    if (mysqli_query($connection,'$query',MYSQLI_USE_RESULT))
         return true;
    error_log("Failed to create user: " . mysqli_error($error_get_last));
    return false;