Here is the current version of the code based on the prior input. I put the var_dump inside the while loop so I could verify what was being placed into the variable. I also added a $stop variable that further on stops the execution of additional code and allows me to see what is being outputted.
I believe that I am executing the mysql_real_escape_string and str_replace in the proper order.
I have only been working with PHP for a couple of months and I really do appreciate your help. Sorry if I am not completely grasping what you are telling me, it might take me a bit for the "light to come on"
Do find any other issues with the code that are preventing the desired outcome.
i
f($import_file){
$handle = fopen($admin_folder.'csv\\'.$file, "r");
$count = 0;
$stop = 'ABC';
while(($data = fgetcsv($handle, 1000, ",")) !== false){
$count = $count + 1;
if($count != 1){
list($col1, $col2, $col3, $col4) = $data;
var_dump($col3);
$col1 = mysql_real_escape_string($col1);
$col2 = mysql_real_escape_string($col2);
//$col3 = mysql_real_escape_string(str_replace("’","'",$col3));
$find = array("’");
$replace = array("'");
$col3 = str_replace($find,$replace,$col3);
$col3 = mysql_real_escape_string($col3);
$col4 = mysql_real_escape_string($col4);
if($col1 != ''){
$sql="INSERT INTO auction_items SET lot='$col1', item='$col2', description='$col3', notes='$col4', auction_id='$aid'";
mysql_query($sql);
}
}
}
fclose($handle);
} //end upload of csv data into table