php - error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[],[] ... at line 1 -

i tried fix code don't know whats wrong code? specific error message is:

you have error in sql syntax; check manual corresponds mysql server version right syntax use near '[$message],[$key],[$encrypt_message],[$encrypt_hex])' @ line 1 blockquote

and code

<?php $password ="abcd"; $iv = '0000000000000000'; $mode =mcrypt_mode_cbc; $cipher = mcrypt_rijndael_128;  $message = $_post['message'];  $key = $_post['key'];   $encrypt_message = mcrypt_encrypt( "$cipher", "$key", "$message", "$mode", "$iv"); $encrypt_hex = bin2hex($encrypt_message);  // protect mysql injection (more detail mysql injection) $message = stripslashes($message); $key = stripslashes($key); $message = mysql_real_escape_string($message); $key = mysql_real_escape_string($key); $encrypt_message = stripslashes($encrypt_message); $encrypt_message = mysql_real_escape_string($encrypt_message); $encrypt_hex = stripslashes($encrypt_hex); $encrypt_hex = mysql_real_escape_string($encrypt_hex);  $con=mysqli_connect("localhost","root","abcd","thanhan"); // check connection if (mysqli_connect_errno()) {     echo "failed connect mysql: " . mysqli_connect_error(); } $sql = "insert `database`(`message`, `key`, `encrypt_message`, `encrypt_hex`) values ([$message],[$key],[$encrypt_message],[$encrypt_hex])"; if (! mysqli_query($con, $sql)) {     die('could not enter data: '.mysqli_error($con)); } echo "entered data successfully"; mysqli_close($con); 

?>

thanks in advance !

in statement :

$sql = "insert `database`(`message`, `key`, `encrypt_message`, `encrypt_hex`) values ([$message],[$key],[$encrypt_message],[$encrypt_hex])"; 

this part

values ([$message],[$key],[$encrypt_message],[$encrypt_hex]); 

should be

values ('$message','$key','$encrypt_message','$encrypt_hex'); /* enclose parameters in single quote => '' , not in brackets => []  */ 

i assume mixing mysql sqlserver or other sql!!