SQL Error, Cant spot it

[glenelkins]

Hi, can anyone spot why i am getting the following error from the code below:

[b]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Publishing','2003-11-30')' at line 1[/b]


I cant see a syntax error in the sql at all?? Its the second SQL query we are looking at here...(there are two in there) we are looking at the INSERT one


[code]
<?
// Includes
include ("./lib/nusoap.php");

// Create an instance of the soap client object
$soapclient = New soapclient("http://soap.amazon.com/schemas2/AmazonWebServices.wsdl",true);

// create a proxy so that WSDL methods can be accessed directly
$proxy = $soapclient->getProxy();

// Database
mysql_connect ("localhost","root","") or die(mysql_error());
mysql_select_db ("books") or die(mysql_error());

// Get the format
if ($_POST['isbn'] != "") {
$isbn = $_POST['isbn'];
$format = $_POST['format'];
header ("Location: $format/$isbn");
} else {
$format = $_GET['format'];
$isbn = $_GET['isbn'];
}

if (isset($format)) {
// Search for the book information
$isbn_split = explode(",",$isbn);
$isbn_list = "";

foreach ($isbn_split as $isbn) {
    $result = mysql_query ("SELECT author,title,place,publisher,date FROM books WHERE isbn='$isbn'") or die(mysql_error());
    list ($author,$title,$place,$publisher,$date) = mysql_fetch_array($result);

    $tmp_date = explode("-",$date);
    $date = $tmp_date[0];

    if (mysql_num_rows($result) <= 0) {
    // set up an array containing input parameters to be
            // passed to the remote procedure
            $params = array(
                'keyword'    => $isbn,
                'page'        => 1,
                'mode'        => 'books',
                'tag'        => '',
                'type'        => 'lite',
                'devtag'      => '1JYY5XQ1ZZ3H1Y1K0AR2'
            );
           
            // invoke the method
            $result = $proxy->KeywordSearchRequest($params);
            $details = $result['Details'];
           
            $author = $details[0]['Authors'][0];
            $title = $details[0]['ProductName'];
            $publisher = $details[0]['Manufacturer'];
            $tmp_date = explode(",",$details[0]['ReleaseDate']);
            $sql_date = date ("Y-m-d",mktime(0,0,0,0,0,$tmp_date[1]));
            $date = $tmp_date[1];
           
            mysql_query ("INSERT INTO books VALUES ('','$isbn','$author','$title','place','$publisher','$sql_date')") or die(mysql_error());
    }

    if ($format == 'apa') {
    $content .= "
    <tr>
    <td>$author.</td><td>($date).</td><td>" . ucwords($title) . ".</td><td>$place:</td><td>" . ucwords($publisher) . ".</td>
    </tr>";

    } elseif ($format == 'mla') {
    $content .= "
    <tr>
    <td>$author.</td><td>" . ucwords($title) . ".</td><td>$place:</td><td>" . ucwords($publisher) . ",</td><td>$date</td>
    </tr>";
    } elseif ($format == 'chicago') {
    $content .= "
    <td>
    <td>$author.</td><td>$date.</td><td>" . ucwords($title) . ".</td><td>" . ucwords($place) . ":</td><td>" . ucwords($publisher) . ".</td>
    </tr>";
    }
   
    $isbn_list .= $isbn . ",";
 
}
} else {
echo "Please Select A Format";
exit();
}
?>
[/code]

[glenelkins]

ok i found the problem. The publisher variable value contains an apostraphie. How do i insert that value into the database then??

example: $publisher = "This is a test publisher...It's not allowed to insert??";

[glenelkins]

problem solved