doudi8829 2017-05-03 05:45
142 views

How do I debug a syntax error in a MySQL SQL statement?

My code shows the following error, I did not understand how to correct it:

you have an error in your sql syntax, check the manual corresponds to your mysql server version for the right syntax to use near ')'at line 1

    $query="insert into subjective_result(marks,roll_no)values($marks,$roll)";
    mysql_query($query)or die(mysql_error());

2 answers

  • du8442 2017-05-03 05:54

    Because you didn't escape the inputs, it should be

    $query="insert into subjective_result(marks,roll_no)values('$marks','$roll')";     
    

    Anyway, this is not the best way to do that; you have to use prepared statements and a wrapper such as PDO. If you concatenate your own queries you are likely to run into a SQL injection vulnerability.

    Something like this

        // didn't test it
        // $db is an existing PDO connection; values are bound to named placeholders,
        // never concatenated into the SQL string
        $stmt = $db->prepare('insert into subjective_result(marks,roll_no)values(:marks,:roll_no)');
        $stmt->bindValue(":marks", $marks);
        $stmt->bindValue(":roll_no", $roll_no);

        if ($stmt->execute()) {
          //code here
        }
    
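As an added example (not part of the question or of the answer above), here is the recommended pattern written to run stand-alone against an in-memory SQLite database through PDO, so no MySQL server is needed. The table and column names are the ones from the question; the `buildUnsafeInsert`, `validateInput` and `insertResult` helpers and the empty-input sample are my own assumptions for illustration.

```php
<?php
// Added example, not code from the question or the answer.
// Requires the pdo_sqlite extension; table/columns follow the question.

// The original query assembled by string interpolation. If either variable
// is unset or empty, the SQL that reaches the server reads "values(,)",
// which is exactly the "syntax ... near ')'" the question reports.
function buildUnsafeInsert($marks, $roll): string {
    return "insert into subjective_result(marks,roll_no)values($marks,$roll)";
}

// Debugging step: check the inputs before touching the database, and
// report which one is bad instead of letting MySQL produce a syntax error.
function validateInput($marks, $roll): ?string {
    if ($marks === null || $marks === '' || !is_numeric($marks)) {
        return 'marks is missing or not numeric';
    }
    if ($roll === null || $roll === '' || !is_numeric($roll)) {
        return 'roll_no is missing or not numeric';
    }
    return null; // no problem found
}

// Hardened insert: named placeholders, values bound by PDO as data.
function insertResult(PDO $db, $marks, $roll): bool {
    $stmt = $db->prepare(
        'insert into subjective_result(marks, roll_no) values(:marks, :roll_no)'
    );
    $stmt->bindValue(':marks', (int) $marks, PDO::PARAM_INT);
    $stmt->bindValue(':roll_no', (int) $roll, PDO::PARAM_INT);
    return $stmt->execute();
}

// Constructed sample: a form that submitted nothing for both fields.
$marks = '';
$roll  = '';
echo "Assembled SQL: ", buildUnsafeInsert($marks, $roll), "\n";
echo "Validation:    ", validateInput($marks, $roll) ?? 'ok', "\n";

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('create table subjective_result (marks integer, roll_no integer)');

// With valid input the prepared statement inserts the row.
if (validateInput(87, 42) === null && insertResult($db, 87, 42)) {
    $rows = $db->query('select marks, roll_no from subjective_result')
               ->fetchAll(PDO::FETCH_ASSOC);
    print_r($rows);
}
```

Printing the assembled SQL before executing it is the quickest way to see what the server actually received; the validation step then turns an opaque syntax error into a message that names the missing field.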