Jump to content

Single Quote Syntax Error

ajicles

By ajicles
in PHP Coding Help

 Share

Recommended Posts

ajicles Member

ajicles

Posted
Posted

I have fixed the error before when it gave me the error when someone enters a single quote into a field. And it is doing it again for some reason.

 

Thanks AJ.

 

Error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's voice is high listen to usher's.')' at line 3

 

<?php
$con = mysql_connect("mysql4.freehostia.com","ajilmf_likebook","*********");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("ajilmf_likebook", $con);

$result = mysql_query("SELECT * FROM facebook", $con);
$num_rows = mysql_num_rows($result);
$ID = $num_rows + 1;  

mysql_select_db("test");

$sql="INSERT INTO facebook(ID, post_content)
VALUES
('$ID','$_POST[post_content]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo '<head><META HTTP-EQUIV="refresh" CONTENT="0;URL=http://likebook.cz.cc/like.php?id='.$ID.'"></head><br>';
echo '<center>If your browser does not support redirecting <a href="http://likebook.cz.cc/like.php?id='.$ID.'">click here</a>.</center>';
mysql_close($con)
?>

Link to comment
https://forums.phpfreaks.com/topic/205939-single-quote-syntax-error/
Share on other sites
kenrbnsn Regular Member

kenrbnsn

Posted
Posted

Always use the function mysql_real_escape_string when inserting/updating data in a MySQL database.

 

<?php
$sql="INSERT INTO facebook(ID, post_content) VALUES ('$ID','" . mysql_real_escape_string($_POST[post_content]) . "')";
?>

 

If you don't, you're opening your script up to hackers.

 

Ken

 

ajicles Member

ajicles

Posted
  • Author
Posted

It is still returning me an error when I enter single quotes into my form.

 

Here is the website I am using it in that I made: http://likebook.cz.cc

 

And where you enter a sentence with a single quote in it it returns an error.

 

Thanks

    ~AJ

 

ERROR:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'd always be there... Where are you now? ')' at line 3

 

PHP:

<?php
$con = mysql_connect("mysql4.freehostia.com","ajilmf_likebook","*********");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("ajilmf_likebook", $con);

$result = mysql_query("SELECT * FROM facebook", $con);
$num_rows = mysql_num_rows($result);
$ID = $num_rows + 1;  

mysql_select_db("ajilmf_likebook");

$sql="INSERT INTO facebook(ID, post_content) VALUES ('$ID','" . mysql_real_escape_string($_POST[post_content]) . "')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo '<head><META HTTP-EQUIV="refresh" CONTENT="0;URL=http://likebook.cz.cc/like.php?id='.$ID.'"></head><br>';
echo '<center>If your browser does not support redirecting <a href="http://likebook.cz.cc/like.php?id='.$ID.'">click here</a>.</center>';
mysql_close($con)
?>

ajicles Member

ajicles

Posted
  • Author
Posted

Thank you very much. I just learned started learning PHP and MYSQL lastweek lol.

 

 

Are you sure you saved and uploaded your changes? People sometimes get confused about it ;)

 

I believe I did. I'll check the webserver for any changes.  >:( I forgot to upload to FTP it I was FTPING the wrong files.

 

Thank you so much for your help.

    ~ AJ

ajicles Member

ajicles

Posted
  • Author
Posted

When you're just learning, it's much easier to use a webserver on your PC, such as xampp or wamp. I use xampp. Then you don't have to worry about uploading to another machine.

 

Ken

 

I use WAMP at home and WAMPP at school. I had just finished my website and was uploading it with a few errors. Another error I came across was if entered a sentence like

 

"Don't Eat Yellow Snow"

 

It would work, but using Facebook's SDK if wouldn't make the page for it. It would only make a page that would be titled:

 

"Don'

 

Since the code for it was:

 

<meta property="og:title" content=''<?php echo $row[1]; ?>''/>

 

It would end the sentence at when the quotes were used. To fix that I use double single quotes ' ' not " or '

 

Problem fixed.

 

Thank you for your help.

    ~ AJ

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.