I try to build my website with sql requests but when I try to make some request it gives me an error. I am a newbie in web, so I can't say what is going on. Can you help me?
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>BFFChinese</title>
</head>
<body>
<p class="main_title">There is a main page that needed to navigate you on the website!</p>
<!--
<a href="http://shizza.beget.tech/login.php">Goto register/login page...</a><br>
<a href="http://shizza.beget.tech/radicals.php">Goto radicals page...</a><br>
-->
<div class="form_container">
<h2>Register</h2>
<p>Try to add a radical <3</p>
<form action="" method="post">
<div class="form_element">
<label>Radical name:</label>
<input type="text" name="radical_name" class="form_element_control" required>
</div>
<div class="form_element">
<label>Radical reading (pinyin):</label>
<input type="text" name="radical_reading" class="form_element_control" required>
</div>
<div class="form_element">
<label>Radical stroke count (just number, like 1 or 5):</label>
<input type="text" name="radical_stroke_count" class="form_element_control" required>
</div>
<div class="form_element">
<label>Radical mnemonic:</label>
<input type="text" name="radical_mnemonic" class="form_element_control" required>
</div>
<div class="form_element">
<input type="submit" name="submit" class="btn_submit" value="Add radical">
</div>
</form>
</div>
<?php
$db = mysqli_connect("localhost", "shizza_bffc", "5&avXr7Z", "shizza_bffc");
mysqli_set_charset($con, "utf32");
$sql = 'CREATE TABLE IF NOT EXISTS bffc_radicals (radical_id int NOT NULL AUTO_INCREMENT, radical_name TINYTEXT, radical_reading TINYTEXT, radical_stroke_count int, radical_mnemonic TINYTEXT, PRIMARY KEY (radical_id))';
$result = mysqli_query($db, $sql);
//$sql = 'CREATE TABLE IF NOT EXISTS users (login TINYTEXT, pass TINYTEXT, rank TINYTEXT)';
//$result = mysqli_query($db, $sql);
if($_POST){
if (($_POST['submit'] ?? null) === "Add radical") {
$radical_name = $_POST['radical_name'];
$radical_reading = $_POST['radical_reading'];
$radical_stroke_count = $_POST['radical_stroke_count'];
$radical_mnemonic = $_POST['radical_mnemonic'];
$rank = "user";
$sql = "INSERT INTO bffc_radicals (radical_name, radical_reading, radical_stroke_count, radical_mnemonic) VALUES ('$radical_name', $radical_reading', '$radical_stroke_count', '$radical_mnemonic')";
$result = mysqli_query($db, $sql);
if ($result) {
echo "<br> Nicely added! <br>";
} else {
echo "<br> Something is wrong! SQLError -> " . mysqli_error($db) . " <br>";
}
}
/*
else {
$login = $_POST['login'];
$pass = $_POST['pass'];
$sql = "SELECT * FROM users WHERE login='$login' AND pass='$pass'";
$result = mysqli_query($db, $sql);
if ($result && $result->num_rows == 1) {
echo "Successfully logined :P";
} else {
echo "Something happened :C. This is an error provided by SQL -> " . mysqli_error($db);
} echo "<br>";
}
*/
}
?>
</body>
</html>
On the website it says to me: Something is wrong! SQLError -> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '', '1', '1')' at line 1
Can you describe what I do incorrect?
I tried to put 1,1,1,1 and one,one,1,one as input in html forms and it sends it to php, but something is happening in request..