Hey I'm trying to insert something inside my db but its not working I get an error that says
Error: INSERT INTO broodjes (broodnaam, prijs, voorraad) VALUES (?, ?, ?)
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?, ?, ?)' at line 1
what am I doing wrong???
this is my form
<pre><?php include "navbar.php";?>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
<style>
.intro {
height: 100%;
}
.gradient-custom {
background: #fa709a;
background: -webkit-linear-gradient(to bottom right, rgba(250, 112, 154, 1), rgba(254, 225, 64, 1));
background: linear-gradient(to bottom right, rgba(250, 112, 154, 1), rgba(254, 225, 64, 1))
}
</style>
<section class="intro">
<div class="mask d-flex align-items-center h-100 gradient-custom">
<div class="container">
<div class="row justify-content-center">
<div class="col-12 col-lg-9 col-xl-7">
<div class="card">
<div class="card-body p-4 p-md-5">
<h3 class="mb-4 pb-2">Nieuwe broodjes toevoegen</h3>
<form action="insertproduct.php" method="post"><!--
<div class="row">
<div class="col-md-6 mb-4">
<div class="form-outline">
<input type="text" id="broodjesnaam" name="broodjesnaam" class="form-control" />
<label class="form-label" for="broodjesnaam">Broodjes naam</label>
</div>
</div>
<div class="col-md-6 mb-4">
<div class="form-outline">
<input type="text" id="prijs" name="prijs" class="form-control" />
<label class="form-label" for="prijs">Prijs</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 mb-4">
<div class="form-outline">
<input type="text" id="voorraad" name="voorraad" class="form-control" />
<label class="form-label" for="voorraad">Voorraad</label>
</div>
</div>
<!--
<!--
</div>
<div class="row">
<div class="col-12">
<div class="mt-4">
<input class="btn btn-warning btn-lg" type="submit" value="Toevoegen" />
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<?php include "footer.php";?>
this is my backend code
<pre><!--
<?php
include "config.php";
$broodnaam = $_POST['broodjesnaam'];
$prijs = $_POST['prijs'];
$voorraad = $_POST['voorraad'];
$sql = "INSERT INTO broodjes (broodnaam, prijs, voorraad) VALUES (?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sii", $broodnaam, $prijs, $voorraad);
$stmt->execute();
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
What I have tried:
I have tried looking up examples for prepared statements but to me it looks the same as I have