|
|
Posted by James54321 on 10/24/06 14:49
I dont add slashes (i dont see why anyone would) so to make things
simpler here is the code to eneter items into the db how do i alter it
so my db doesnt have all those backslashes ...or is that for some
reason ie will it kill my code if it isnt there?
I thought i could just tweek the db's collation (whatever that is) to
something that doesnt add those horrible backslahes.
P.S.
Here's my code:
if (isset($_POST['submit'])) {
// form submitted
// set server access variables
// get form input
// check to make sure its all there
// escape input values for greater safety
$Idea_Name = empty($_POST['Idea_Name']) ? die ("ERROR: Enter the
Idea Name") : mysql_escape_string($_POST['Idea_Name']);
$Category = empty($_POST['Category']) ? die ("ERROR: Enter the
Category") : mysql_escape_string($_POST['Category']);
$Idea = empty($_POST['Idea']) ? die ("ERROR: Enter the Idea") :
mysql_escape_string($_POST['Idea']);
// open connection
$connection = mysql_connect($host, $user, $pass) or die ("Unable to
connect!");
// select database
mysql_select_db($db) or die ("Unable to select database!");
$date = date("Y-m-d");
$time = date("H:i:s",(time()+6*3600));
$ip = $_SERVER['REMOTE_ADDR'];
// create query
$query = "INSERT INTO ideas (Idea_Name, Category, Idea, Date, Time,
IP_Address) VALUES
('$Idea_Name','$Category','$Idea','$date','$time','$ip')";
//replace sites with your table name
//replace address and description with the filed name
// execute query
$result = mysql_query($query) or die ("Error in query: $query.
".mysql_error());
// print message with ID of inserted record
echo "New record inserted at $time it will now go to the
approvers";
// close connection
mysql_close($connection);
}
And if you need it this is where that page is on the web:
http://flavouredcandy.com/addideas.php
James.
Navigation:
[Reply to this message]
|