[thelist] PHP - Invalid Query
Burhan Khalid
thelist at meidomus.com
Sat Jun 12 02:42:34 CDT 2004
Chris Rosser wrote:
> Rob,
>
> It's tripping up because there's an apostrophe in $message, which MySQL is
> interpreting as a single quote (i.e. it thinks the single quote in "I've" is
> the end of the data for the field).
>
> You'll need to use addslashes() or similar to escape any single quotes in
> $message before you insert it into the database. Try:
>
> $sql = "INSERT INTO newsarchive (newssubject, newsarchivetext) VALUES
> ('$subject', '" . addslashes($message) . "')";
> mysql_query($sql, $link) or die ("Invalid query");
>
There is also mysql_escape_string() which should be used.
Another suggestion would be to change your die() to something like
die($sql."<br />".mysql_error()); -- atleast then you would know where
it's failing :)
More information about the thelist
mailing list