ChrisOKC Posted February 21, 2011 Share Posted February 21, 2011 My hosting service has magic_quotes_gpc = On. I was working on my home test server and the following script worked perfectly. Turns out I had magic_quotes_gpc = Off .. I set magic_quotes_gpc = On and restarted. Now the script isn't working. See code and output below. I know something isn't being escaped properly, but I have no clue how/what. Even if I copy and paste the $insert output directly to phpmyadmin, it returns the same error. //HTML Vars $firstName = $_POST['firstName']; $lastName = $_POST['lastName']; $email = $_POST['email']; $desc = $_POST['desc']; //This is a textarea with long description. $year = $_POST['date']; //MySQL - no connection issues $link = mysql_connect('localhost', '__uesr__', '__passwd__*'); $db = mysql_select_db('__DB__', $link); $insert = "INSERT INTO images (firstName, lastName, email, descript, dateYear) VALUES ('$firstName' , '$lastName' , '$email' , '$desc' , '$year' "; $query = mysql_query($insert); if (!$query) { die ('Can\'t query ' . mysql_error()); } echo $insert; ::OUTPUTS:: Can't query You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 INSERT INTO images (firstName, lastName, email, descript, dateYear) VALUES ('this' , 'is' , '[email protected]' , 'and. the. description won\'t work.' , '3456' Obviously I am a novice. I have tried using mysql_real_escape_string with and without stripslashes, but I'm not getting anywhere except more errors. Any help would be greatly appreciated. And I don't care about SQL injection AT ALL. I just want the thing to work with proper escaping for the description if a user inputs special chars. Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/ Share on other sites More sharing options...
cssfreakie Posted February 21, 2011 Share Posted February 21, 2011 could this thread be of help? http://www.webdeveloper.com/forum/showthread.php?t=90414 Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177370 Share on other sites More sharing options...
ChrisOKC Posted February 21, 2011 Author Share Posted February 21, 2011 It still returns.... You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 If I copy and past the direct echo output of $insert into phpmysql, it returns the EXACT SAME ERROR. See attached screen shot. If I type that sql statement out, it works fine. If I paste it from my browser from the wcho $insert, I get the error. [attachment deleted by admin] Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177380 Share on other sites More sharing options...
Pikachu2000 Posted February 21, 2011 Share Posted February 21, 2011 That error doesn't look like it's related to an escaping problem. Can you post the table structure? Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177382 Share on other sites More sharing options...
ChrisOKC Posted February 21, 2011 Author Share Posted February 21, 2011 `key` int(3) NOT NULL AUTO_INCREMENT, `firstName` text NOT NULL, `lastName` text NOT NULL, `email` text NOT NULL, `descript` text NOT NULL, `file` text NOT NULL, `date` int(4) NOT NULL, PRIMARY KEY (`key`) Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177383 Share on other sites More sharing options...
cssfreakie Posted February 21, 2011 Share Posted February 21, 2011 the image you provided shows you are missing a closing ) in the values part. not sure if that is the thing but it is missing Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177384 Share on other sites More sharing options...
Pikachu2000 Posted February 21, 2011 Share Posted February 21, 2011 Yeah, that has to be it. Good catch. Link to comment https://forums.phpfreaks.com/topic/228326-magic_quotes_gpc-mysql-insert-help/#findComment-1177408 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.