mworkman Posted November 5, 2010 Share Posted November 5, 2010 I have having a problem getting a mysql query to work. If I just use mysql_query it looks like this and works fine: INSERT INTO schedule (schedule_pk, schedule_month, schedule_day, schedule_year, schedule_hour, schedule_minute, schedule_type, employeenumber) VALUES ( NULL, 10, 10, 1999, 12, 6, 'DayIn', 3); If I put it through mysql_real_escape_string it turns it to this and does not work when I put it into mysql_query: INSERT INTO schedule (schedule_pk, schedule_month, schedule_day, schedule_year, schedule_hour, schedule_minute, schedule_type, employeenumber) VALUES ( NULL, 10, 10, 1999, 12, 6, \'DayIn\', 3); aka: $query = "INSERT INTO...." mysql_query($query); that works, but: $query = "INSERT INTO...." $sqlQuery = mysql_real_escape_string($query, $con); mysql_query($sqlQuery); results in the error. mysql_query($query); The error is: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'DayIn\', 3)' at line 1 Link to comment https://forums.phpfreaks.com/topic/217888-sql-problem/ Share on other sites More sharing options...
Pikachu2000 Posted November 5, 2010 Share Posted November 5, 2010 That's the wrong way to use mysql_real_escape_string(). You use it on the individual values, not the whole query string. (Moving thread to PHP coding help . . . ) Link to comment https://forums.phpfreaks.com/topic/217888-sql-problem/#findComment-1130864 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.