rocknbil - 4:17 pm on Oct 3, 2011 (gmt 0)
By all means add mysql_error() and also try this . . .
$query = "INSERT INTO users (username, password, email, age, hobbies)
mysql_real_escape_string($_POST['userid']) . "','" .
mysql_real_escape_string($_POST['password']) . "','" .
mysql_real_escape_string($_POST['email']) . "','" .
mysql_real_escape_string($_POST['age']) . "','" .
mysql_real_escape_string($_POST['hobbies'] . "')";
Two things relevant: if you have any quotes and possibly other special characters in your input, it can generate an error. For example if you have "don't know" in "hobbies" the eventual select will look like this:
.. ','don't know' ...
which will cause mysql to think the field ends at "don" and doesn't know what to do with the rest.
The second (and not quite as relevant but may still be a problem) is these may be interpreted as constants
So you should use the concatenation methods above.
Although it's not the cause of the problem, you should always use mysql_escape_string() or mysql_real_escape_string() on any database queries to close one more point of mysql injection. In this case it might actually help the problem.