Posted by Sophisticado on 08/30/06 16:21

Greetings

I have a script in which I am collecting sensitive information via a
form (METHOD=POST) and encrypting the posted variable (format = BLOB)
using mcrypt, then saving it in a MySql table. Using my test
script,everything works fine. Using my production scrypt, everything
works fine for data posted with fewer than 8 characters. If I try to
upload data longer than 8 characters, I get this error message:

You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near 'i�U�
��C!ʌB', '01', '2004', NULL, '150')' at line 1

The characters i�U���C!ʌB' after "near" are the encrypted characters.

There does not seem to be any difference between the test and production
scrypts.

Here is the syntax I am using for saving the record:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "myTable"))
{
$insertSQL = sprintf("INSERT INTO myTable (`Date`, LastName,
FirstName, EcryptedBlob) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['Date'], "text"),
GetSQLValueString($_POST['Lastname'], "text"),
GetSQLValueString($_POST['Firstname'], "text"),
GetSQLValueString($encrypted,"text"));

php v. 5.0.5
MySql v. 4.1.9


Any help would be appreciated.

• Next in forum: Re: Serving a website based on source internet address ?
• Prev in forum: Re: Serving a website based on source internet address ?
• Thread view: mcrypt blob upload problem to MySQL

[Reply to this message]