Jump to content

SQL syntax error!!!!

daxguy

By daxguy
in PHP Coding Help

 Share

Recommended Posts

daxguy Member

daxguy

Posted
Posted 

$query4 = 'UPDATE movies SET embed = \''.$updated_embed. ',\' where title =\''.$_POST['title'].'\' ';

 

i have written this query to update my movies table and as u see the query is written using ' ' quotes now wen i try inserting the values in the text box and if it encounters " quote it works fine but if it encounters ' quote anywer it causes error cuz it messes up with the query.. can anyone help??? sumhow i could igone ' quote in the sql query but want the complete text in the text box including ' quote to be inserted in the db.. if i use " quote with query then i have the same problem.. if i try adding a text and it encounter " then there is a problem with sql syntax and a problem is caused any one give a solution please.. i want these quotes used in the text box to be inserted in db.. dont want to remove them..

Link to comment
Share on other sites
daxguy Member

daxguy

Posted
  • Author
Posted 

$embed_text = mysql_real_escape_string($_POST['embed']);

 

but i am getting the following error..

mysql_real_escape_string() expects parameter 1 to be string, array given in C:\xampp\htdocs\gl\movie_process.php on line 109

 

i did wat u said and its not working

Link to comment
Share on other sites
daxguy Member

daxguy

Posted
  • Author
Posted 

$embed_text = mysql_real_escape_string($_POST['embed']);

	foreach($embed_text as $embed_value)
	{
		$query4_1 = "Select * from movies where title = '".$_POST['title']."';";
		$result2 = mysql_query($query4_1) or die(mysql_error());
		while ($row2 = mysql_fetch_assoc($result2))
		{
			$embed_update = $row2['embed'];
			$updated_embed = $embed_update.$embed_value;
			$query4 = 'UPDATE movies SET embed = \''.$updated_embed. ',\' where title =\''.$_POST['title'].'\' ';
			mysql_query($query4) or die(mysql_error());

		}


	}

 

$_POST['embed'] is an array and $_POST['embed'] creates a random no of fields soo an array is used here..

in the above code i have tried to update the existing db entries with new ones added to them.

 

but now am getting the error

Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in C:\xampp\htdocs\gl\movie_process.php on line 112

 

Warning: Invalid argument supplied for foreach() in C:\xampp\htdocs\gl\movie_process.php on line 114

Link to comment
Share on other sites
Alex Advanced Member

Alex

Posted
Posted

How is that not a solution?

 

$_POST['title'] = mysql_real_escape_string($_POST['title']); // Make sure you do this before the loop
...
$update_embed = mysql_real_escape_string($update_embed);
$query4 = 'UPDATE movies SET embed = \''.$updated_embed. ',\' where title =\''.$_POST['title'].'\' ';

Link to comment
Share on other sites
daxguy Member

daxguy

Posted
  • Author
Posted

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '600' height='480' frameborder='0' src='http://embed.videoweed.com/embed.php?v=cw' at line 1

 

this the error am getting again on the following code

 

foreach($_POST['embed'] as $embed_value)
	{
		$query4_1 = "Select * from movies where title = '".$_POST['title']."';";
		$result2 = mysql_query($query4_1) or die(mysql_error());
		while ($row2 = mysql_fetch_assoc($result2))
		{
			$embed_update = $row2['embed'];
			$updated_embed = $embed_update.$embed_value;
			$update_embed = mysql_real_escape_string($update_embed);
			$query4 = 'UPDATE movies SET embed = \''.$updated_embed. ',\' where title =\''.$_POST['title'].'\' ';
			mysql_query($query4) or die(mysql_error());

		}


	}

 

i did this

 $update_embed = mysql_real_escape_string($update_embed);

but its still interfearing with the code

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.