[SOLVED] absurd insert error

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

$var wrote:wow, i learned a bunch from this. escaping being crucial.
You've only seen one facet to why you should escape. Google "SQL injection".
User avatar
guitarlvr
Forum Contributor
Posts: 245
Joined: Wed Mar 21, 2007 10:35 pm

Post by guitarlvr »

Should you escape inputs that are only going into a select statement and never into an insert?

Wayne

EDIT: never mind, stupid question
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Also make sure to learn proper query syntax. Much of th struggle you were having in the last few posts were wrapped around the fact that you were trying to insert a string without wrapping it in quotes.
Post Reply