Jump to content

Escape Strings

dpiearcy

By dpiearcy
in PHP Coding Help

 Share

Recommended Posts

mrMarcus Member

mrMarcus

Posted
Posted (edited) 

include_once "Scripts/connect_to_mysql.php";

 

Within your connect file you should have created a variable to store the connection identifier:

 

$myConnection = mysqli_connect('host', 'username', 'password');

 

Where $myConnection is now your identifier:

 

$praise = mysqli_real_escape_string($myConnection, $praise);

 

To echo your query you must separate it from the mysqli_query() function:

 

$sql = "UPDATE prayer SET how = '$praise', answerdate = NOW() WHERE id = '$pid'";
if ($query = mysqli_query($myConnection, $sql)) {
   header("location: http://orchardmidland.com/NewOrchard/praise_wall.php");
   exit(0);
}
else {
   trigger_error("Query Failed! SQL: $sql - Error: ". mysqli_error($myConnection), E_USER_ERROR);
}

Edited by mrMarcus
Link to comment
Share on other sites
dpiearcy Member

dpiearcy

Posted
  • Author
Posted 

include_once "Scripts/connect_to_mysql.php";

 

Within your connect file you should have created a variable to store the connection identifier:

 

$myConnection = mysqli_connect('host', 'username', 'password');

 

Where $myConnection is now your identifier:

 

$praise = mysqli_real_escape_string($myConnection, $praise);

 

To echo your query you must separate it from the mysqli_query() function:

 

$sql = "UPDATE prayer SET how = '$praise', answerdate = NOW() WHERE id = '$pid'";
if ($query = mysqli_query($myConnection, $sql)) {
header("location: http://orchardmidland.com/NewOrchard/praise_wall.php");
exit(0);
}
else {
trigger_error("Query Failed! SQL: $sql - Error: ". mysqli_error($myConnection), E_USER_ERROR);
}

 

BINGO!!!!! By George (or MrMarcus) that did it. You were correct in how I had my connection script set up since you saw the variable. I added that and presto. It writes now even with the ' in there.

 

Thanks 'eh (since you're Canadian and all :-) )

 

Gonna mark this one as solved now. WHEW! Thanks to all!

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted (edited)
Then help me out with the error reporting. I tried this and just got a white screen:

 

What you tried was to add error checking and error reporting logic for your query using trigger_error(). While you do need to always check if statements like query/file operations fail, that's not what I suggested. And since what trigger_error reports and displays is dependent on the error_reporting/display_errors settings, you are still in the dark, or in this case the 'white screen', concerning the reporting and display of errors in your code.

 

You need to set the error_reporting/display_errors settings, to the suggested values, in the master php.ini on your development system (so that even parse errors in your main file will be reported and displayed.) You can also set them in a .htaccess file (when php is running as an Apache Module), in a local php.ini (when php is running as a CGI application), or even in your script (which won't show any fatal parse errors in the main file since your code never runs to change the settings when there is a fatal parse error in the main file.)

Edited by PFMaBiSmAd
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.