Code: Select all
Failed to execute query: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '<IMG src="http://techcommunity.us/uploads/smil3dbd4dbc14f3f.gi"<IMG src=\"http://techcommunity.us/uploads/smil3dbd4dbc14f3f.gif\"> a"
The above is the string that i tried to insert into the database using the bellow code.
Code: Select all
$title = $_POSTї'title'];
$message = $_POSTї'yourFieldNameHere'];
echo $message;
$result = database("INSERT INTO xoops_weblog ( blog_id , user_id , cat_id , created , title , contents , private , comments , reads , description , dohtml ) VALUES ('', '1', '2', UNIX_TIMESTAMP(NOW()), '$title', $message, 'N', '0', '0', '', '0')");