Posted by Jordan Miller on 10/20/06 11:24

besides just escaping your strings, i think you are having a quoting
error:
http://www.php.net/manual/en/language.types.string.php

Commas should not have to be escaped, and indeed the
mysql_real_escape_string() function will not escape commas. After
escaping your input data with this function, I would make the $query
text a bit more technically correct:
Change this:
$query = "insert into testtable6 (indx, col1, col2) values (NULL,
'$data1', '$data2')";
to this:
$query = "insert into testtable6 (indx, col1, col2) values (NULL, '".
$data1."', '".$data2."')";
echo $query."<br>\n";

to ensure proper handling of all data in the sql commands.
If you echo your $query before the insert, what do you get? This is
always a good practice when you're having trouble.

Jordan




On Aug 18, 2005, at 12:05 PM, Chris wrote:

> You need to escape the data, so....
>
> $data1 = mysql_real_escape_string($data1,$rLink);
> $data2 = mysql_real_escape_string($data2,$rLink);
>
>
> Jon wrote:
>
>
>> Please help with an insert problem.
>>
>> Sometimes $data1 could have a comma and that messes up the
>> insert. how do I
>> get around that?
>>
>> $query = "insert into testtable6 (indx, col1, col2) values (NULL,
>> '$data1',
>> '$data2')";
>> mysql_db_query("testdb", $query);
>>
>>
>>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
>

[Back to original message]