Why is the data not added to database?

<?php
$login = $_POST['login'];
$email = $_POST['email'];
$password = $_POST['pass'];
try{
 $conn = new PDO('mysql:host=localhost; dbname=testbd', 'root', ");
 $sql = "INSERT INTO users (login, email, password)
 VALUES($login, $email, $password)";
$conn->exec($sql);
}
catch(PDOExeptions $e){
 echo $sql . $e->getMessage();
 header("Location: index.php");
}
?>


Here is the form
<!DOCTYPE html>
<html lang="en">
the <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
the <body>
 <form action="/check.php" method="post">
 <p><input type="text" placeholder="Enter username" name="login"></p>
 <p><input type="email" placeholder="Enter email" name="email"></p>
 <p><input type="password" name="pass" placeholder="Enter password"></p>
 <p><input type="submit"></p>
</form>
</body>
</html>

No error occurs but the data is not added to the database
Why??
April 19th 20 at 12:03
1 answer
April 19th 20 at 12:05
Solution
No error occurs because you didn't tell PDO to you about them reported.
Not added because you're doing it wrong. Variables never are not added directly to the query. Plus in code code just sayin

Here you can see a normal example
First request you have to prepare by putting variables instead of question marks, and then run, passing in variables separately
<?php
$login = $_POST['login'];
$email = $_POST['email'];
$password = $_POST['pass'];
$conn = new PDO('mysql:host=localhost; dbname=testbd', 'root', ", [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);

$sql = "INSERT INTO users (login, email, password) VALUES (?,?,?)";
$stmt= $pdo->prepare($sql);
$stmt->execute([$login, $email, $password]);


And everything will always work

Find more questions by tags PHP