Page 1 of 1

[solved] Why is this not working now? Error in code message!

Posted: Thu Apr 24, 2008 6:59 am
by Addos
Hi,
I keep getting the follow error with the code below
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Gift' ORDER BY product_Name' at line 7

I cannot understand this as this script has been running correctly for a few months now and all of a sudden this error appeared. I have tried various different changes but nothing is clering it. I think the problem might be with AND category_Name = '$xHeading[category_Name]' (which was working) and I have tried '$xHeading[“category_Name”]' '$xHeading[‘category_Name’]' but neither of these work the.

Has anyone any idea as to what this might be? This site is running on Server: Apache/1.3.37 . When I view it and test on my local PC IIS it works fine so I’m really puzzled.


Thanks very much

Re: Why is this not working now? Error in code message!

Posted: Thu Apr 24, 2008 7:28 am
by Zoxive
Little bit of a guessing game here, without knowing what $xHeading[category_Name] is.

Try echoing out the query to see what it looks like with the variables in it.

However I'm guessing that $xHeading[category_Name] has a single quote(') in it, throwing off the quote holding it in the query.

Re: Why is this not working now? Error in code message!

Posted: Thu Apr 24, 2008 8:06 am
by onion2k
You aren't escaping the input. Use mysql_real_escape_string().

Re: Why is this not working now? Error in code message!

Posted: Thu Apr 24, 2008 9:38 am
by Addos
mysql_real_escape_string worked a treat thank you very much for all the replys. Much appreciated. :wink:

Re: [solved] Why is this not working now? Error in code message!

Posted: Thu Apr 24, 2008 9:51 am
by Zoxive
Fixing the problem is one thing.

Knowing why it wasn't working is another. :mrgreen: