The PHP doesn't rwite in my DB

Question

I have this little problem (I think with syntaxis). First of all I have my form in HTML that have a lot of options:

<form action="chyrons.php" method="get">
            Categoría C10 Informatiu: <select name="categoria_c10"; style="font-size:16px">
                <option value="CULTURA">CULTURA</option>
                <option value="SOCIETAT">SOCIETAT</option>
                <option value="POLÍTICA">POLÍTICA</option>
                <option value="ESPORTS">ESPORTS</option>
            </select>
            &nbsp;| Categoría ADVOR:<select name="categoria_advor"; style="font-size:16px">
                <option value="CARDEDEU">CARDEDEU</option>
            </select><br>

            <br>Breu: <input type="text"; required size="125"; name="breu"; placeholder="Cardedeu es super guay!"; style="font-size:15px";/>
            <br>&nbsp; Minut Chyron: <input type="text"; required size="6"; name="minut_breu"; placeholder="MM:SS"; style="font-size:15px";/><br>

            <br>Persona Entrevistada: <input type="text"; required size="20"; name="nom_entrevistat"; placeholder="Enric Olivé"; style="font-size:15px";/>
            <br>Carreg: <input type="text"; required size="30"; name="carreg_entrevistat"; placeholder="Alcalde de Cardedeu"; style="font-size:15px";/>
            <br>&nbsp; Minut Chyron: <input type="text"; required size="6"; name="minut_entrevista"; placeholder="MM:SS"; style="font-size:15px";/><br>

            <div class="container1">
                <button class="add_form_field">Afegeix un chyron &nbsp; <span style="font-size:16px; font-weight:bold;">+ </span></button>
            </div>
            <br>Informa C10 Informatiu: <input type="text"; required size="20"; name="informa_c10"; placeholder="Reno 1 y Reno 2"; style="font-size:15px";/>&nbsp;| Informa ADVOR: <input type="text"; required size="20"; name="informa_advor"; value="RTVCardedeu"; disabled style="font-size:15px";/>
            <br>&nbsp; Minut Chyron: <input type="text"; required size="6"; name="minut_informa"; placeholder="MM:SS"; style="font-size:15px";/><br>
            <br><input type="submit"; value="Processar"; style="font-size:15px";/>
        </form>

If you see, this form goes to "chyrons.php":

<?php
$servername = "***.***.**.***";
$username = "*******";
$password = "*******";
$dbname = "******";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
} 

$sql = "INSERT INTO chyrons (categoria_c10, categoria_advor, breu, minut_breu, nom_entrevistat, carreg_entrevistat, minut_entrevista, informa_c10, informa_advor, minut_informa)
VALUES ($_GET['categoria_c10'], $_GET['categoria_advor'], $_GET['breu'], $_GET['minut_breu'], $_GET['nom_entrevistat'], $_GET['carreg_entrevistat'], $_GET['minut_entrevista'], $_GET['informa_c10'], $_GET['informa_advor'], $_GET['minut_informa'])";

if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();
?>

For obvious reasons I just write *** in the server name and others. The issue is on line 15, that says:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in /usr/home/*******/web/chyrons.php on line 15

Here is my DB created:

My DB created

DB Table

I don't understand the error... If can I get some help, I would be very grateful!

Your script is at risk of [SQL Injection Attack](//stackoverflow.com/questions/60174) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](//stackoverflow.com/questions/5741187) Use [prepared parameterized statements](https://php.net/manual/en/mysqli.quickstart.prepared-statements.php). — John Conde, Feb 05 '18 at 16:21
You're going to have even more errors once you resolve this one. — John Conde, Feb 05 '18 at 16:22

The PHP doesn't rwite in my DB

0 Answers0