Page 1 of 1

inserting advertisements into sql

Posted: Fri Feb 16, 2007 2:03 am
by psychotomus
im trying to insert . whats wrong ?

i get this error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES ( '<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"\r\' at line 3

using this

Code: Select all

$qquery="INSERT INTO t_banners (
			code,
	) VALUES (
			'".mysql_real_escape_string($_POST['txtBannerCode'])."'
			)";
	mysql_query($qquery) or die(mysql_error());

Code: Select all

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6"
width="728" height="90">
<param name="movie"
value="http://i.1100i.com/1885/flash/01172007/728x90_penguin2.swf" />
<param name="quality" value="high" />
<param name="flashvars" value="clickTAG=http://x.azjmp.com/0MGN9" />
<embed src="http://i.1100i.com/1885/flash/01172007/728x90_penguin2.swf?clickTAG=http://x.azjmp.com/0MGN9"
quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" width="728" height="90"></embed>
</object><img src="http://i.azjmp.com/0MGNC" height="1" width="1">

Posted: Fri Feb 16, 2007 2:31 am
by mikeq
do a

Code: Select all

  print $qquery;
before calling mysql_query function, it might give us a clue if we can see exactly what is being passed

Posted: Fri Feb 16, 2007 2:33 am
by mikeq
oh and after "code" in your INSERT INTO bit you have a comma. Remove that and it should work fine