I have tried '".mysql_real_escape_string($_POST['title_txt'])."', for the first column, still no luck.
It prints:
Code: Select all
title : title des : descriptionday : 27mon : Novermberyea : 2014no user : 209
INSERT INTO `member` (`quote_no`, `username` , `title` , `description` , `no_of_user` , `post_date` , `required_by_date` ) VALUES ( '', '', '', '', '', '', '' )Code: Select all
if (isset($_POST['submit_request']))
{
$title = $_POST['title_txt'];
$description = $_POST['description_txt'];
$day = $_POST['day'];
$month = $_POST['month'];
$year = $_POST['year'];
$no_of_user = $_POST['no_of_user_txt'];
$username = $_SESSION['user'];
$post_date = date('d,m,y');
echo "title : ".$title;
echo "des : ".$description;
echo "day : ".$day;
echo "mon : ".$month;
echo "yea : ".$year;
echo "no user : ".$no_of_user;
$insert = "INSERT INTO `member` (`quote_no`, `username` , `title` , `description` , `no_of_user` , `post_date` , `required_by_date` )
VALUES (
'".mysql_real_escape_string($_POST['title_txt'])."',
'".mysql_real_escape_string($username)."',
'".mysql_real_escape_string($title)."',
'".mysql_real_escape_string($description)."',
'".mysql_real_escape_string($no_of_user)."',
'".mysql_real_escape_string($post_date)."',
'".mysql_real_escape_string($require_by_date)."'
)";
echo '<div>', htmlentities($insert), "</div>\n";
}
else
{ // if form hasn't been submitted show new form