Gruzin Posted August 13, 2006 Share Posted August 13, 2006 hi everybody,I've got a little problem, when I'am trying to write something like this: [color=red]Let's Go[/color], mysql says: [color=green]Error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 's','80.241.240.89')' at line 4[/color]P.S in other ways it works correctly.here is the code, hope u guys can help me, thanks a lot.<?phprequire("../ban/ban.php"); //check if the address is banned$text = nl2br(stripslashes($_POST['The_Textarea'])); // text inputed in form$userip = $_SERVER['REMOTE_ADDR']; // get user ip and store it in db$con = mysql_connect("localhost","3d","pass");if(!$con) { die('Couldn"t connect'.mysql_error());}mysql_select_db("3d",$con);$insert = "INSERT INTO func_auction(user,mes,ip)VALUES('$_POST[user]','$text','$userip')"; if(!mysql_query($insert,$con)){ die('Error:'.mysql_error());}header( 'Location: http://www.3d.caucasus.net/auction.php' ) ;mysql_close($con);?> Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted August 13, 2006 Share Posted August 13, 2006 You need to use mysql_real_escape_string, or add_slashes, on your variable ($text apparently).You are getting the error because the single quote, which is used to denote the start and end of strings in SQL, is not being escaped in the input text. Quote Link to comment Share on other sites More sharing options...
Barand Posted August 13, 2006 Share Posted August 13, 2006 That's because you strip the the slashes from the $text variable. It needs to be "Let\'s go" when you put it in the query Quote Link to comment Share on other sites More sharing options...
Gruzin Posted August 13, 2006 Author Share Posted August 13, 2006 you mean this?[color=red]$userip = nl2br(stripslashes($_SERVER['REMOTE_ADDR']));[/color]I've tryed but...It doesn't work. any ideas? Quote Link to comment Share on other sites More sharing options...
Barand Posted August 13, 2006 Share Posted August 13, 2006 [quote]$text = nl2br(stripslashes($_POST['The_Textarea'])); // text inputed in form[/quote] Quote Link to comment Share on other sites More sharing options...
Gruzin Posted August 13, 2006 Author Share Posted August 13, 2006 [quote author=Barand link=topic=104103.msg415096#msg415096 date=1155496817][quote]$text = nl2br(stripslashes($_POST['The_Textarea'])); // text inputed in form[/quote][/quote]umm... nothing wrong with that script, I've got a problem with:[color=red]$userip = $_SERVER['REMOTE_ADDR']; [/color] // get user ip and store it in dbbecouse of that I get this error... Quote Link to comment Share on other sites More sharing options...
Gruzin Posted August 13, 2006 Author Share Posted August 13, 2006 [quote author=Barand link=topic=104103.msg415096#msg415096 date=1155496817][quote]$text = nl2br(stripslashes($_POST['The_Textarea'])); // text inputed in form[/quote][/quote]OK Barand you are right, thanks a lot:) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.