Posted by Todd Michels on 07/01/07 12:26

Hi all,

I am trying to send data from a form and insert it into a MSSQL DB.

When I submit the data I get: Warning: mssql_query()
[function.mssql-query]: message: The name "Todd" is not permitted in
this context. Valid expressions are constants, constant expressions, and
(in some contexts) variables. Column names are not permitted. (severity
15) in "Myfile"

If I don't use the POST data and write the query explicitly, it works.

Any help is appreciated.

Thanks,
Todd

WinXP SP2
MSSQL Express 2005
IIS 5.1
PHP 5.2.1

It's a basic form:

<body>
<form id="form1" name="form1" method="post" action="flextest.php">
<label>User Name
<input name="username" type="text" id="username" />
</label>
<label>Email Address
<input name="emailaddress" type="text" id="emailaddress" />
</label>
<p>
<input type="submit" name="Submit" value="Submit" />
</p>
</form>
</body>

And here is the MSSQL insert:

if( $_POST["emailaddress"] AND $_POST["username"])
{
//add the user
$Query = sprintf('INSERT INTO users (username, emailaddress)
VALUES (%s, %s)', $_POST["username"], $_POST["emailaddress"]);

$Result = mssql_query($Query);
}

[Back to original message]