Hi there,

I've only started working with PHP and MySQL as of this week, and I'm writing a Quotes Database for my Online Gaming Community. So, anything they hear or see that they think is a good quote, they can add it to the database.

I'm currently having an issue, when a user submits a quote with a symbol or apostrophe in it.

I Keep getting this error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'm not paranoid I know for a fact that everyone is out to get me','Test','2011/01' at line 3

The Quote that was trying to be entered was (without speech marks) "I'm not paranoid, I know for a fact that everyone is out to get me. Test is the person who tried to submit the quote and the data is the date it was submitted.

here's my code:

HTML PAGE:

<form action="insert.php" method="post">
Quote: <input type="text" name="Quote_Data" />
Quoted By: <input type="text" name="Quoted_By" />
<input type="submit" />
</form>

INSERT.php

<?php
$con = mysql_connect("localhost","xxxx","xxxx");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

$date = date("Y/m/d - H:i:s");

mysql_select_db("quotes", $con);

$sql="INSERT INTO Quotes (Quote_Data, Quoted_By , Date_Time) VALUES ('$_POST[Quote_Data]','$_POST[Quoted_By]','$date')";

if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
header("Location: select.php");
echo "Quote Added to Database.";


mysql_close($con)
?>

I feel it's almost like it can't parse the input because of the apostrophe, like it needs to be excused. But any help would be grateful :)