Use a $variable inside a SQL string?

Question

I would like to be able to select a category from a dropdown and depending on the category it will add it to whatever SQL table is it equal with.

Answer 1

You cannot use that type of variables, change last code to $sql="INSERT INTO $article (headline, content) VALUES ('" . $_POST['headline'] " . ', '" . $_POST['content'] . "')";

Answer 2

I know this answer won't be too helpful for you right now, but sice there is just too much wrong with that code and that approach, here are a few tips:

• Use PDO instead of PHP's MySQL functions. It'll seem daunting at first, especially if you haven't got any experience with object-oriented programming, but it's definately worth the effort.
• Sanitize that $article value! if($article == 'foo' || $article == 'bar') {...}
• The best ways to use variables in strings are: "This is a ".$adjective." string" and "This is a {$adjective} string"

Answer 3

Try:

"INSERT INTO `{$article}` ...."

Don't forget to sanitize your input! (mysql_real_escape_string, for starters)