your mysql error will probably tell you that you have syntax error.
one of your fields is namedfrom, which is a mysql keyword (command). you must tell mysql that you mean to use the literal value of the word. you should always use backticks to specify literal words (column names, etc.) in your sql commands:note that these are backticksPHP Code:$insert = "
INSERT INTO `pmsys` (`to`, `from`, `title`, `message`, `date`, `ifread`)
VALUES ('$to', '$from', '$title', '$content', '$date', '$ifread')";
( ` ), NOT single-quotes( ' ).
(I could have sworn that we'd addressed this issue before, but I guess it was a different thread. also, in PHP, you don't need to break out of a double-quoted string to use a variable. that's what double-quotes are for, to use $variables inside a string. note my changes above.)
Edit: I've looked over your current code again (from post 19).
- you still have the form inside your first if() block.
If you can see the form, then you're either submitting from a different page, or this is not the current version of the code you're using.- you have _no_ form fields named message_from or message_date.
this means that your $time and $from variables will always be empty.
further, your sql statement uses the variable $date (which doesn't exist), not $time as I suspect you intended.- the variable $ifread doesn't exist, either.
- you don't escape any of your POST values, so your database is wide open to sql injection attacks.
As I said earlier, I would strongly recommend planning this all out first, and then opening a new file and rewriting it from scratch.
As it stands now, you are losing track of where your changes were made, and you're starting to have old problems show up again (probably as a result of copy-pasting).
I'll be happy to help you further if you decide to follow this advice.
