coutts Posted August 18, 2008 Share Posted August 18, 2008 Hi can anyone tell me why the following code fails ie doesnt work, obviously I have a syntax problem but I have limited knowledge to fix it - I do BTW have an active connection by this stage of the code Thanks Robert $sql="INSERT INTO my_table (ID, username, approved, composition) VALUES ('',mysql_real_escape_string($_POST['username']),mysql_real_escape_string($_POST['approved']),mysql_real_escape_string($_POST['composition']))"; Quote Link to comment Share on other sites More sharing options...
Mchl Posted August 18, 2008 Share Posted August 18, 2008 You can't call functions within "" quotes. Quote Link to comment Share on other sites More sharing options...
coutts Posted August 18, 2008 Author Share Posted August 18, 2008 This did work until I started adding the mysql_real_escape_string even with the quotes although this reminds me on another problem that I was instructed not to use "" to make a variable out of aN SQL string and then try to run it. What would you suggest. Quote Link to comment Share on other sites More sharing options...
Mchl Posted August 18, 2008 Share Posted August 18, 2008 (at least) Two solutions are possible: 1st $username = mysql_real_escape_string($_POST['username']); $approved = mysql_real_escape_string($_POST['approved']); $composition = mysql_real_escape_string($_POST['composition']); $sql="INSERT INTO my_table (ID, username, approved, composition) VALUES ('','$username','$approved','$composition')"; 2nd $sql="INSERT INTO my_table (ID, username, approved, composition) VALUES ('','".mysql_real_escape_string($_POST['username'])."','".mysql_real_escape_string($_POST['approved'])."','".mysql_real_escape_string($_POST['composition'])."')"; In general, you cannot do someting like this: $var = "mysql_real_escape_string($argument)"; Only variables are recognized within "" quotes. Functions are not. Quote Link to comment Share on other sites More sharing options...
coutts Posted August 18, 2008 Author Share Posted August 18, 2008 I used example #1 as I did have a page made up like that which hadnt been working either - but I could see from your example what the problem was. As a VB programmer this is quite a switch to using server side languages such as PHP and SQL database - VB is simpler Thanks for your help Rob Quote Link to comment Share on other sites More sharing options...
Mchl Posted August 18, 2008 Share Posted August 18, 2008 I never could get used to VB... It wasn't simple to me at all... Quote Link to comment Share on other sites More sharing options...
coutts Posted August 18, 2008 Author Share Posted August 18, 2008 I think if you start programming using VB its simpler - if you start with any other language it isnt. I think most languages share some of the same syntax and basic structure - VB is totally different so I dont think it is a good starter language Quote Link to comment Share on other sites More sharing options...
Mchl Posted August 18, 2008 Share Posted August 18, 2008 I started with BASIC... but it has nothing to do with VB Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.