php_beginner_83 Posted September 18, 2009 Share Posted September 18, 2009 Hi All I'm trying to create an upload page (form) where I can add photos (the path of the image) and a description of the photo to a database. I'm coming across problems when in the 'description'. If I use ' it creates an error, for example, 'I'm a bear'. When I use Im a bear, there is no problem. I'm still fairly new to php and would appreciate any comments on this. My code is.. $insert = "INSERT INTO pictures (ID, Description, Path) VALUES ($newID, '{$_POST['imageDescription']}', '" . $string . "{$_POST['path']}')"; mysql_query($insert) or die(mysql_error()); It's this insert where the problem is. Thank you. Quote Link to comment Share on other sites More sharing options...
zq29 Posted September 18, 2009 Share Posted September 18, 2009 mysql_real_escape_string() Quote Link to comment Share on other sites More sharing options...
php_beginner_83 Posted September 18, 2009 Author Share Posted September 18, 2009 Should $insert go into that function or just the part that contains the apostrophes i.e. $_POST['imageDescription'] Thanks Quote Link to comment Share on other sites More sharing options...
kickstart Posted September 18, 2009 Share Posted September 18, 2009 Hi Just the part with the apostraphies $insert = "INSERT INTO pictures (ID, Description, Path) VALUES ($newID, '".mysql_real_escape_string($_POST['imageDescription'])."', '" . $string . mysql_real_escape_string($_POST['path'])."')"; All the best Keith Quote Link to comment Share on other sites More sharing options...
php_beginner_83 Posted September 19, 2009 Author Share Posted September 19, 2009 Thanks Keith, that worked a treat Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.