Can't insert links to DB

Question

I have this code:

    if (!empty($_POST['w1']) && !empty($_POST['l1']))   {
        $str = "<a href='".$_POST['l1']."'>".$_POST['w1']."</a>";
        $content = str_replace($_POST['w1'],$str, $content);
    }
    $content = nl2br($content);
    echo "נוסף";
    echo $content;
mysql_query("INSERT INTO `posts` VALUES ('','".$_POST['subject']."','$content','0')");

The php page doesn't return any error. But the data isn't inserted to the DB. Anyone know what is the problem?

Answer 1

PHP parser doesn't return any error so the error is probably on the database side. One thing out of top of my head is to replace

INSERT INTO `posts` VALUES ('','".$_POST['subject']."','$content','0')

with

INSERT INTO `posts` VALUES (NULL,'".$_POST['subject']."','$content','0')

bacause your db configuration might not allow construct you are trying to use.

Answer 2

If there is any mysql error thrown, it will not be shown to you. Do the following to see an error:

mysql_query("INSERT INTO `posts` VALUES ('','". mysql_real_escape_string($_POST['subject']) . "','" . mysql_real_escape_string($content) . "','0')") or die mysql_error();

Be aware of SQL-Injections!

Answer 3

You have put single quotes for $content in query which is not needed.

mysql_query("INSERT INTO `posts` VALUES ('','".$_POST['subject']."','$content','0')");

Change it to

mysql_query("INSERT INTO `posts` VALUES ('','".$_POST['subject']."','".$content."','0')");