gdfhghjdfghgfhf Posted April 20, 2008 Share Posted April 20, 2008 i have a sql query that output some stuff from the database one of the entry contains a single quote (i.e.: Thumb's Up) it is breaking my sql query and messing up the page here is the query $filter = mysql_real_escape_string($title); $query = "SELECT * FROM quebec_thread WHERE title LIKE '%$filter%' AND forumid='18'"; ($title is a $_GET value) i tryed with mysql_real_escape_string() and addslashes() but i still get the same error... the entry in the database doesn't contain slashes You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Up%' AND forumid='18'' at line 1 Quote Link to comment Share on other sites More sharing options...
unidox Posted April 20, 2008 Share Posted April 20, 2008 Try this: $query = "SELECT * FROM `quebec_thread` WHERE `title` LIKE '%$filter%' AND `forumid` = '18'"; Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 20, 2008 Share Posted April 20, 2008 Output your query when you get the error: <?php $filter = mysql_real_escape_string($title); $query = "SELECT * FROM quebec_thread WHERE title LIKE '%$filter%' AND forumid='18'"; $rs = mysql_query($query) or die("Problem with the query: $query<br>" . mysql_error()); ?> Using this method may show where the error is better. Ken Quote Link to comment Share on other sites More sharing options...
gdfhghjdfghgfhf Posted April 20, 2008 Author Share Posted April 20, 2008 thanks, i fixed it Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 20, 2008 Share Posted April 20, 2008 What was the problem? Ken Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.