Hi, sorry i need some help… I failed to import php write data file in phpmyadmin data base. see the php code below…

<?php //connecting to the database define('DB_HOST', 'localhost'); define('DB_NAME', 'coict_sites_attendances'); define('DB_USER','mwana'); define('DB_PASSWORD','mwana0123456789'); $con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); $db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error()); $RFID_TAG_No = (isset($_GET['RFID_TAG_No']) ? $_GET['RFID_TAG_No'] : null); $SITE_NAME = (isset($_GET['SITE_NAME']) ? $_GET['SITE_NAME'] : null); $sql = "INSERT INTO coict_sites_attendances.guards_daily_routine_table(RFID_TAG_No,SITE_NAME ) VALUES (".$RFID_TAG_No.", ".$SITE_NAME.")"; mysqli_query($sql, $con); mysql_close($con); ?>

and see below the error that i get from the code above after importing it,

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘<?php
//connecting to the database
define(‘DB_HOST’, ‘localhost’)’ at line 1

(deleted)

You'd normally import a PHP file into your web server (probably Apache) like you would any other HTML file.

That's an absolutely horrifying piece of PHP code. For your own safety and the safety of others: please don't ever use that code.

It has many vulnerabilities: it uses the mysql library, which has been obsolete for years. It was first superseded by mysqli, and now by PDO.
On top of that, you are insert text from the request directly into the query. They should be escaped to prevent SQL injection. Also, you should be using prepared statements instead of string concatenation.

Take a look at how it's done here.

Pieter

check the manual that corresponds to your MariaDB server version for the right syntax to use near '<?php

Pay particular attention to the fact that the tag to start a PHP script is NOT <?php.