Url to iinput into Mysql using PHP

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Nashtrump
Forum Newbie
Posts: 13
Joined: Wed May 03, 2006 1:56 pm

Url to iinput into Mysql using PHP

Post by Nashtrump »

hi There,

im trying to add a URL to a mysql database using a PHP code.

This is probably going to sound stupid to the PHP whizz's out there but im stuck on it and cant find the right words to search for the answer.

When i try to add the url its tell me i have errors in my mysql syntax, most likey its to do with the ?, backslashes and other special characters contained within the URL.

Im pretty sure theres a command to tell php and mysql to ignore these as special characters and treat them as normal text but i cant think what it is!!

Can anyone help me?

The url is:

http://www.ladbrokes.com/lbr_portal?act ... TXT=PORTAL

The error i get is:

Error updating database: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES (,'Labrokes')' at line 1<br><br>
INSERT INTO bookies (url,title,) VALUES (,'Labrokes')

It shows up as if i dont have any URL to import but when i stepped through my code i have a URL in the variable i pass to this query.


Kind regards

Nash
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

:arrow: Moved to Databases
User avatar
andym01480
Forum Contributor
Posts: 390
Joined: Wed Apr 19, 2006 5:01 pm

Post by andym01480 »

mysql_real_escape_string() should clean it up for you. It puts a slash before any character that would ruin a mysql query

I have a cleaning function that takes account of magic_quotes - important if the url variable was obtained from a GET, POST or REQUEST.

Code: Select all

<?php
function clean($data){
if(get_magic_quotes_runtime()){
$data=stripslashes($data);
}
return mysql_real_escape_string($data);
}
?>
Call it for every variable you want to insert into the database.
Post Reply