MySQL Forums
Forum List  »  PHP

$_POST Help :
Posted by: Michael Newton
Date: January 15, 2011 08:11PM

Hi there,

I've only started working with PHP and MySQL as of this week, and I'm writing a Quotes Database for my Online Gaming Community. So, anything they hear or see that they think is a good quote, they can add it to the database.

I'm currently having an issue, when a user submits a quote with a symbol or apostrophe in it.

I Keep getting this error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'm not paranoid I know for a fact that everyone is out to get me','Test','2011/01' at line 3

The Quote that was trying to be entered was (without speech marks) "I'm not paranoid, I know for a fact that everyone is out to get me. Test is the person who tried to submit the quote and the data is the date it was submitted.

here's my code:

HTML PAGE:

<form action="insert.php" method="post">
Quote: <input type="text" name="Quote_Data" />
Quoted By: <input type="text" name="Quoted_By" />
<input type="submit" />
</form>

INSERT.php

<?php
$con = mysql_connect("localhost","xxxx","xxxx");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

$date = date("Y/m/d - H:i:s");

mysql_select_db("quotes", $con);

$sql="INSERT INTO Quotes (Quote_Data, Quoted_By , Date_Time) VALUES ('$_POST[Quote_Data]','$_POST[Quoted_By]','$date')";

if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
header("Location: select.php");
echo "Quote Added to Database.";


mysql_close($con)
?>

I feel it's almost like it can't parse the input because of the apostrophe, like it needs to be excused. But any help would be grateful :)

Options: ReplyQuote


Subject
Written By
Posted
$_POST Help :
January 15, 2011 08:11PM
January 15, 2011 08:26PM
January 15, 2011 08:34PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.