[solved] Why is this not working now? Error in code message!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Addos
Forum Contributor
Posts: 305
Joined: Mon Jan 17, 2005 4:13 pm

[solved] Why is this not working now? Error in code message!

Post by Addos »

Hi,
I keep getting the follow error with the code below
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Gift' ORDER BY product_Name' at line 7

I cannot understand this as this script has been running correctly for a few months now and all of a sudden this error appeared. I have tried various different changes but nothing is clering it. I think the problem might be with AND category_Name = '$xHeading[category_Name]' (which was working) and I have tried '$xHeading[“category_Name”]' '$xHeading[‘category_Name’]' but neither of these work the.

Has anyone any idea as to what this might be? This site is running on Server: Apache/1.3.37 . When I view it and test on my local PC IIS it works fine so I’m really puzzled.


Thanks very much
Last edited by Addos on Tue Aug 12, 2008 1:50 pm, edited 2 times in total.
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Re: Why is this not working now? Error in code message!

Post by Zoxive »

Little bit of a guessing game here, without knowing what $xHeading[category_Name] is.

Try echoing out the query to see what it looks like with the variables in it.

However I'm guessing that $xHeading[category_Name] has a single quote(') in it, throwing off the quote holding it in the query.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: Why is this not working now? Error in code message!

Post by onion2k »

You aren't escaping the input. Use mysql_real_escape_string().
Addos
Forum Contributor
Posts: 305
Joined: Mon Jan 17, 2005 4:13 pm

Re: Why is this not working now? Error in code message!

Post by Addos »

mysql_real_escape_string worked a treat thank you very much for all the replys. Much appreciated. :wink:
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Re: [solved] Why is this not working now? Error in code message!

Post by Zoxive »

Fixing the problem is one thing.

Knowing why it wasn't working is another. :mrgreen:
Post Reply