Page 1 of 1

sql error cuase of '

Posted: Wed Sep 08, 2004 9:12 pm
by pinehead18
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 's Summit','6')' at line 2

When i'm posting a reply and inserting it, it does not like it if their is a ' in the txt. Example. lee's summit. Don't do that.

here is the code

Code: Select all

$sql = "INSERT INTO threads (tid,author,body,date,subject,forum_id) VALUES 
			('$newtid','$name','$body','$date','$subject','$fid')";
Thank you

Posted: Wed Sep 08, 2004 9:20 pm
by tim

Posted: Wed Sep 08, 2004 9:32 pm
by redmonkey
You should consider using mysql_real_escape_string() or addslashes().

Posted: Wed Sep 08, 2004 9:36 pm
by tim
ahh red, much better suggestion.

:cry:

Posted: Thu Sep 09, 2004 2:37 am
by m3mn0n
Yeah I prefer [php_man]addslashes[/php_man]() for this.

And then [php_man]stripslashes[/php_man]() when calling the information.