PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I am having an issue with the proper syntax on writing the mysql_real_escape_string into code to put data in the db. I have searched all over looking at things, and since I have enough php knowledge to myself in trouble, I just can't figure out how to write it in. The problem I get is the error of: "Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'd" without the double quotation marks. Below is my code. I guess what I need to know is where and how to add the mysql_real_escape_string into my code. The php manual and the examples online just aren't making sense to me and I need this completed for the site I am building soon. Thank you in advance.
Since you have wrapped the $_POST values in the mysql_real_escape_string() function you can use the variables directly like the example below
Syntax: [ Download ] [ Hide ]
<?php
$sql = "INSERT INTO prayer_requests (request_owner, post_text) VALUES ('$request_owner', '$post_text')";
?>
To see what the query looks like when the error occurs, you can echo it to the browser
Syntax: [ Download ] [ Hide ] [ Select ]
<?php
if (!mysql_query($sql,$con))
{
echo mysql_query($sql);
}
?>
Ok, I took the $_POST out of the INSERT function and now I am getting just request_owner and post_text in the db as the data. I ran the error script you wrote and it caused an error stating: Warning: mysql_query(): 2 is not a valid MySQL-Link resource in C:\xampp\htdocs\do_addrequest.php on line 54.
Any help is greatly appreciated. Thanks again ahead of time.