jwk811 Posted January 24, 2010 Share Posted January 24, 2010 Here's the function. The problem is when there is symbols in the reply or subject and previous message, it shows a syntax error. Probably because of quotes. I used nl2br() because I thought that made it so you could use symbols. I dunno what else the problem could be or how to fix this. Thanks for any help! function replyTo() { $replyingto = $_POST['replyingto']; $reply = $_POST['reply']; $reply = nl2br($reply); $sql = "SELECT * FROM tbl_message WHERE msg_id = '$replyingto'"; $result = dbQuery($sql); if (dbNumRows($result) == 1) { $row = dbFetchAssoc($result); extract($row); if($msg_status == 'read'){ $sql = "UPDATE tbl_message SET msg_status = 'replied' WHERE msg_id = $msg_id"; dbQuery($sql); } $sub = 'Re: ' . nl2br($msg_sub); $text = $reply . '<br><br><br>-----------------------------------------<br>' . $msg_from_user . ' wrote on ' . $msg_datetime . '<br>' . nl2br($msg_text); $sql = "SELECT user_name FROM tbl_user WHERE user_id = '$msg_to'"; $result = dbQuery($sql); $row = dbFetchAssoc($result); $username = $row['user_name']; $sql = "INSERT INTO tbl_message (msg_from, msg_from_user, msg_to, msg_sub, msg_text, msg_datetime) VALUES ('$msg_to', '$username', '$msg_from', '$sub', '$text', NOW())"; dbQuery($sql); header('Location: index.php?view=messages'); } } Link to comment https://forums.phpfreaks.com/topic/189651-help-syxtax-error/ Share on other sites More sharing options...
jl5501 Posted January 24, 2010 Share Posted January 24, 2010 nl2br() simply converts newlines to <br> to protect against quotes, you need mysql_real_escape_string() Link to comment https://forums.phpfreaks.com/topic/189651-help-syxtax-error/#findComment-1000926 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.