Jump to content

SQL syntax error


mayman212

Recommended Posts

when I post something into my html form, for example in the first name field, I enter in: John', i am getting the following error:

 

Error in query: . You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Smith',Address_Line_1='rtuy657tr',Address_Line_2='',City='leicester',Postcode='L' at line 1

 

I know it has something to do with preparing the data before inserting it into the database. Anyone know what I have to do to fix it?

Link to comment
https://forums.phpfreaks.com/topic/251672-sql-syntax-error/
Share on other sites

You're using single quotes around the column values in your SQL query, so when you have a single quote within a variable the resulting string contains two single quotes, breaking the syntax. You need to use mysql_real_escape_string to escape any quotes, but also to protect yourself against SQL injections. You should always escape any form of user input used in a query!

Link to comment
https://forums.phpfreaks.com/topic/251672-sql-syntax-error/#findComment-1290698
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.