inserting record mysql

Question

I have a method which insert a record into a table as shown below:

public static function AddCategory($categoryName)
    {
        $sql = 'INSERT INTO category(name) 
                VALUES(' . $category_name .')';
        $parameters = array('category_name' => $categoryName);
        return DB::Execute($sql,$parameters);   
    }

Can anyone tell me if the SQL syntax is correct? Im not being able to insert any record..I can't find my mistake. Thanks

Answer 1

I don't exactly understand what you want to do, a valid SQL INSERT sintax is:

INSERT INTO table1 VALUES (value1, value2, ...)

so i suppose your code should be changed into something like:

public static function AddCategory($categoryName) 
    { 
        //I don't know the real name of the TABLE you want to update, so you have to replace CATEGORIES_TABLE with your table name 
        $sql = 'INSERT INTO CATEGORIES_TABLE VALUES(' . $categoryName .')'; 
        return DB::Execute($sql);    
    } 

I don't know what DB::Execute does, I suppose it executes a query.

FYI a good way to test this is to add the following line before exectuing the query:

echo "<br>" . $sql . "</br>";

Then you take the result printed by PHP and run it on MySQL query browser, it will tell you more accurate details about why the query fails.

Answer 2

public static function AddCategory($categoryName) {
    $sql = 'INSERT INTO category (name)
            VALUES (:category_name)';
    $parameters = array('category_name' => $categoryName);
    return DB::Execute($sql,$parameters);   
}

Answer 3

From my brief observation this line is redundant:

 $parameters = array('category_name' => $categoryName);

You have already specified the inserted value inside query itself. You need only to execute it now.