G-man G-man - 5 months ago 27
PHP Question

insert email adress into database and check if it already exists

I got a form input field where the users writes his email to subscribe to a newsletter. I have to validate the email and also check if it's already in my database. Now all checks are correct, but when it actually needs to insert the email into my database it gives me an SYNTAX error on my sql statement. checked it multiple times, tweaked it but I couldn't find the problem. i even just added a row to my PhPMyAdmin and copy pasted that code which executed. Still nothing.
So if i test this, it validates the email, then i tried an email that's already in my databank, and it correctly gave the output that it's already in the db, but when it has to go to the laste else, it gives me and error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''email@email.com'' at line 1

My code below:

<form method="post" action="#anker" class="footerform" id="anker">

<input type="email" value="" name="fldEmail" class="brief" id="nieuwsbrief" placeholder="Nieuwsbrief Email" >
<input type="submit" value="Schrijf me in!" name="subscribe" id="nieuwsbriefsubmit" class="btn"></div>
<?php
require('db.php');
if (isset($_POST["subscribe"])) {
if ($_POST["fldEmail"]=="") {
echo "<p>error: Vul het veld in aub</p>";
}else {
$fldEmail=$_POST['fldEmail'];
$fldEmail =filter_var($fldEmail, FILTER_SANITIZE_EMAIL);
$fldEmail= filter_var($fldEmail, FILTER_VALIDATE_EMAIL);
if (!$fldEmail) {
echo "<p>Je email-adres is niet correct</p>";
} else {
$fldEmail = stripslashes($fldEmail);
$fldEmail = mysqli_real_escape_string($connection, $fldEmail);
$testquery = "SELECT fldEmail FROM nieuwsbrief WHERE fldEmail = '$fldEmail'";
$result = mysqli_query($connection, $testquery) or die(mysqli_error($connection));
$rows = mysqli_num_rows($result);
if ($rows > 0) {
echo "emailadres zit al in onze databank";
} else {
$query = "INSERT INTO nieuwsbrief (fldEmail) VALUES '$fldEmail'";
$result2 = mysqli_query($connection, $query) or die(mysqli_error($connection));
echo "<p>Bedankt om je op de nieuwsbrief in te schrijven</p>";
}
}
}
}
?>

</form>

Answer

SQL Sintax is not correct

Use

$query = "INSERT INTO nieuwsbrief (fldEmail) VALUES ('$fldEmail') ";

Check This