byis a special keyword. Try wrapping the column names in tick marks:

by是一个特殊的关键字。尝试将列名包裹在刻度线中：

INSERT INTO news(`id`,`title`,`body`,`date`,`by`)

I would expect id to be your primary key. It should not allow a null value. If it is auto incrementing you might try this:

我希望 id 是你的主键。它不应允许空值。如果它是自动递增的，你可以试试这个：

$insert = mysql_query
    ("
    INSERT INTO news(title,body,date, by)
    VALUES ('".$title."','".$body."','".$date."','".$by."')
    ");

Others have noted by is a reserved word so you will need to quote it. It is best to avoid naming database objects using reserved words. Consider renaming the bycolumn to author.

其他人注意到 by 是保留字，因此您需要引用它。最好避免使用保留字命名数据库对象。考虑将by列重命名为author.

You should consider making changing the query into a prepared statement. See How can I prevent SQL injection in PHP?.

您应该考虑将查询更改为准备好的语句。请参阅如何防止 PHP 中的 SQL 注入？.

I recommend using sprintf& mysql_real_escape_stringto handle SQL injection attack possibilities:

我建议使用sprintf和mysql_real_escape_string来处理 SQL 注入攻击的可能性：

$insert = sprintf("INSERT INTO news
                    (id, title, body, date, `by`)
                   VALUES 
                     (NULL,'%s','%s','%s','%s')",
                   mysql_real_escape_string($title),
                   mysql_real_escape_string($body),
                   mysql_real_escape_string($date),
                   mysql_real_escape_string($by));

$result = mysql_query($insert) or die(mysql_error());

This will let you know what error is encountered too.

这也会让您知道遇到了什么错误。

That said, there are numerous potential issues:

也就是说，有许多潜在的问题：

• by is a reserved keyword, you need backticks to escape its use in MySQL (see example above). The alternative is to rename the column to something that is not a reserved word -- backticking every column and/or table name hides such issues rather than learning
• NULL should not be inside of single quotes, or it will be interpreted as a string; DEFAULTwould be another option if there's a DEFAULT constraint on the column
• the datecolumn should be either a DATE, DATETIME or TIMESTAMP data type rather than string in order to use MySQL Date/Time functionality, and should be using DATE_FORMATif the value will not be a MySQL standard date format

• by 是一个保留关键字，你需要反引号来逃避它在 MySQL 中的使用（见上面的例子）。另一种方法是将列重命名为不是保留字的名称 - 对每一列和/或表名进行反引号会隐藏此类问题而不是学习
• NULL 不应在单引号内，否则会被解释为字符串；DEFAULT如果列上有 DEFAULT 约束，那将是另一种选择
• 该date列应该是 DATE、DATETIME 或 TIMESTAMP 数据类型而不是字符串以使用MySQL 日期/时间功能，并且如果该值不是 MySQL 标准日期格式，则应使用DATE_FORMAT

Try calling mysql_error() to get the error message: http://php.net/manual/en/function.mysql-error.php

尝试调用 mysql_error() 以获取错误消息：http: //php.net/manual/en/function.mysql-error.php

First of all, don't put the single quotes around NULL or else it will be entered as a string.

首先，不要将单引号放在 NULL 周围，否则它将作为字符串输入。

Also, I am assuming that you are using mysql_real_escape_stringto sanitize $title, $body, etc.

另外，我假设您正在使用mysql_real_escape_string来清理 $title、$body 等。

$title = mysql_real_escape_string($title);
$body  = mysql_real_escape_string($body);
$date  = mysql_real_escape_string($date);
$by    = mysql_real_escape_string($by);

As mellamokb pointed out, byand dateare special keywords. It's best practice to put ticks around your columns (and table names). (this will fix your query)

正如 mellamokb 指出的那样，by并且date是特殊的关键字。最好的做法是在列（和表名）周围打勾。（这将解决您的查询）

$query = "INSERT INTO `news` (`id`, `title`, `body`, `date`, `by`) VALUES
      (NULL, '" . $title . "', '" . $body . "', '" . $date . "', '" . $by . "');";
if ($insert = mysql_query($query, $connect)) {
    // Success!
} else {
    echo 'MySQL Error: ' . mysql_error($connect); // this will tell you whats wrong
}
mysql_close($connect);