While your issue involves read-only permissions on the data source file, consider two best practices going forward:
Parameterization to facilitate code security especially with
$POSTvariables as well as readability and maintainability without need of messy variable concatenation or quote punctuation. Parameters are supported in theodbclibrary usingodbc_prepare.Error handling using
try/catchfor more informative errors or exceptions per this answer.
Below uses MS Access’s CDate() and avoid need of enclosing # and converts numeric types of parameters with PHP’s floatval. Adjust untested code as needed.
// ENSURE ERRORS RAISE AS EXCEPTIONS
set_error_handler(
function($errno, $errstr, $errfile, $errline ) {
throw new ErrorException($errstr, $errno, 0, $errfile, $errline);
}
);
// PREPARED STATEMENT WITH ? PLACEHOLDERS
$sql = "INSERT INTO Zeitkarten
(BeginnTätigkeit, EndeTätigkeit, Mitarbeiter, Projekt, ArbeitscodeNr,
datum, [Pause], AnzahlUeber, FZhin, FZrueck, Anmerkung)
VALUES (CDate(?), CDate(?), ?, ?, ?, CDate(?), ?, ?, ?, ?, ?)";
try {
// BIND PARAMS AND EXECUTE
$stmt = odbc_prepare($con, $sql);
$result = odbc_execute(
$stmt,
array(
$_POST['kommen'],
$_POST['gehen'],
$benutzer,
$_POST['projekt'],
$_POST['adt'],
$_POST['heute'],
floatval(str_replace(",", ".", $_POST['pause'])),
floatval(str_replace(",", ".", $_POST['ama'])),
floatval(str_replace(",", ".", $_POST['fzhin'])),
floatval(str_replace(",", ".", $_POST['fzrueck'])),
$_POST['anmerkung']
)
);
echo $result;
} catch (Exception $e) {
// ECHO EXCEPTION MESSAGE
echo $e->getMessage();
}
CLICK HERE to find out more related problems solutions.