开发者

apostrophe in mysql/php

问答 作者:

i'm trying to learn php/mysql.

inserting data into mysql works fine but inserting those with apostrophe is generating an error. i tried using mysql_real_escape_string, yet this doesn't work.

would appreciate any help.

<?php
include 'config.php';

echo "Connected <br />";



$auth = $_POST['author'];
$quo = $_POST['quote'];

$author = mysql_real_escape_string($auth); 
$quote = mysql_real_escape_string($quo); 


//**************************



//inserting data
$sql="INSERT INTO Quotes (vauthor, cquotes)
VALUES ($author, $quote)";

if (!mysql_query($sql,$conn))
  {
 开发者_C百科 die('Error: ' . mysql_error());
  }
echo "1 record added";

...

what am i doing wrong?

Your values are strings, they still need delimiters in the SQL statement, even after you've escaped them.

//inserting data
$sql="INSERT INTO Quotes (vauthor, cquotes)
VALUES ('$author', '$quote')";

Strings must be wrapped in quotes in SQL:

$sql="INSERT INTO Quotes (vauthor, cquotes)
VALUES ('$author', '$quote')";

继续阅读:apostrophedatabasemysql-real-escape-stringphp

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9