That is not OK, for several reasons:
1. a good INSERT statement lists the fields and the values; it may work without explicitly naming the fields but then any change to your table structure is bound to break your code.
2. Date literals (as well as datetime/timestamp/string literals) need quotes in SQL
3. IMO you don't need strftime; besides, this function has been DEPRECATED as of PHP 8.1.0
Just try ... VALUES ('2021/10/31')
Finally, the safe way to execute database operations is by using
parameterized queries:
Parameters - Microsoft.Data.Sqlite | Microsoft Docs[
^]
Please use them. Always. Advantages:
- no more quoting issues
- no more date formatting issues
- automatic protection against SQL Injection Attacks
By not using a parameterized query, you have to convert your date to a string, and then the database has to convert it back to a date. There is a double risk of errors about date formatting conventions, which gets totally avoided when the date is passed as a date, not as a string.
:)