This question has already been answered in the comments but I'll expand.
You seem to be puzzled with two aspects. The first is the correct preparation of SQL statements, which you're using here. Each statement consists of two important parts. You specify:
columns of the table you want to use:
INSERT INTO answers (Aid, answer, date)
and values you want to use with these columns:
VALUES ($t, $ans, CURDATE())
The MySQL syntax allows you to leave the column names unencapsulated if there are no spaces (or some other characters) in them, so this part is okay. The values however, depending on the columns types might have to be encapsulated with single or double quotes, e.g. you have to encapsulate values for VARCHAR
, DATE
, DATETIME
and BLOB
but you shouldn't usually do so for numeric types like INT
and DECIMAL
or whenever you're telling the MySQL server to calculate something before it inserts the new record (like CURDATE()
, 10 + 5
etc.). So assuming your columns are:
Aid - INT
answer - VARCHAR
date - DATE
the correct SQL statement would be (notice the single quotes around $ans
and lack of quotes around CURDATE()
):
INSERT INTO answers (Aid, answer, date) VALUES ($t, '$ans', CURDATE())
The other aspect that seems to confuse you is how PHP deals with strings. What you're doing is telling the PHP to prepare a line of text (string) and pass it into a MySQL server so that the server would run it and pass the result back to the PHP (e.g. mysql_insert_id()
is such a result). The thing is PHP from the beginning to the end of this process has no idea what an SQL statement is and how to prepare it. All it knows is "here's a string and I need to put some variables in". So assuming the answer number 32
was a submitted answer
, these two parts of your code:
$SQL = "SELECT * FROM answers WHERE answer= $ans";
[...]
$SQL = "INSERT INTO answers (Aid, answer, date) VALUES ($t, $ans, CURDATE())";
would produce the following correct strings but incorrect SQL statements:
SELECT * FROM answers WHERE answer= a submitted answer
INSERT INTO answers (Aid, answer, date) VALUES (32, a submitted answer, CURDATE())
Hopefully the solution is now obvious.
Above said, I'm responding only to pay it forward (all of us had to start somewhere). This coding style is outdated and it's value arguable (even as a means to learn). It never should see a production environment.
EDITED:
Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead
The above should be a notice level and probably isn't an issue. If you want to check whether functions are available run the following script:
<?php
$a = array(
'mysql_connect',
'mysql_real_escape_string',
'mysql_query',
'mysql_fetch_assoc',
);
foreach ($a as $f)
var_dump(function_exists($f));