format for this string?

[desjardins2010]

how should this be formated right now it's just outputting .long2ip($ip)

 

'$playerlog admin logged into .long2ip($ip)' WHERE username='$player'")

[revraz]

Post the entire string.

[desjardins2010]

mysql_query ("UPDATE members SET logfile = '$playerlog admin logged into long2ip($ip)' WHERE username='$player'");

[BlueSkyIS]

$sql = "UPDATE members SET logfile = '".mysql_real_escape_string($playerlog)." admin logged into ".long2ip($ip)."' WHERE username='$player'";
mysql_query ($sql) or die(mysql_error());

 

[bibby]

I like sprintf and vsprintf for this -- more separation. Just another option in a sea of many.

 

$q = "UPDATE members SET logfile = '%s admin logged into long2ip(%s)' WHERE username='%s'";
$q = vsprintf($q, array(
mysql_real_escape_string($playerlog),
$ip,
mysql_real_escape_string($player),
));

[.josh]

FYI, the issue here is that you are putting a php method (and variable) inside single quotes ('...').  PHP does not parse syntax/variables in single quotes, it treats it as plain text.  You can get php to parse a variable inside quotes if you use double quotes ("..."), but it won't parse the php function, so you have to break out of the quotes and concatenate as BlueSkyIS has shown. 

 

@bibby: your solution won't work because long2ip() is a php function. You will have to move long2ip() to wrap around $ip and just use %s in the query string.

[bibby]

gotcha,  looks like I was thinking it was mysql's inet_aton()