Jump to content

Help with Insert statement that contains '


Recommended Posts

I am tyring to figure out how to allow the use of ' in the name field.   I have tried string replace but that does not work.  I also tried single and double quotes around value.  

Any help is appreciated.

 

if(isset($_POST['upsubmit'])){

    // Allowed mime types
    $csvMimes = array('text/x-comma-separated-values', 'text/comma-separated-values', 'application/octet-stream', 'application/vnd.ms-excel', 'application/x-csv', 'text/x-csv', 'text/csv', 'application/csv', 'application/excel', 'application/vnd.msexcel', 'text/plain');

    // Validate whether selected file is a CSV file
    if(!empty($_FILES['file']['name']) && in_array($_FILES['file']['type'], $csvMimes)){

        if(is_uploaded_file($_FILES['file']['tmp_name'])){

            // Open uploaded CSV file with read-only mode
            $csvFile = fopen($_FILES['file']['tmp_name'], 'r');

            // Skip the first line
            fgetcsv($csvFile);

            while(($line = fgetcsv($csvFile)) !== FALSE){

              $Agent_ID                       =$line[0];
              $Agent_Name                     =$line[1];
              $Tran_Year                      =$line[2];
              $Tran_Period                    =$line[3];
              $Original_Mobile_ID             =$line[4];
              $Mobile_ID                      =$line[5];
              $Device_Category                =$line[6];
              $Device_ID                      =$line[7];
              $Account_Number                 =$line[8];
              $Price_Plan                     =$line[9];
              $Customer_Name                  =$line[10];
              $Device_Change_Date             =$line[11];
              $New_Device_Contract_Begin_Date =$line[12];
              $New_Device_Contract_End_Date   =$line[13];
              $Access_Charge                  =$line[14];
              $Contract_Term                  =$line[15];
              $Model                          =$line[16];
              $Alt_Mobile_ID                  =$line[17];
              $VZW_Provided_Equip             =$line[18];
              $Previously_Activated_Equip     =$line[19];
              $Installment_Contract           =$line[20];
              $Purchased_Receivable           =$line[21];
              $DPA_Service_Fee                =$line[22];
              $Agent_SSO_ID                   =$line[23];
              $Customer_Type                  =$line[24];
              $Previous_Price_Plan            =$line[25];
              $Previous_Access_Charge         =$line[26];

                $prevQuery = "SELECT ID FROM disc_Upgrades WHERE Device_ID = '".$line[7]."' AND Customer_Name = '".$line[10]."'";
                $prevResult = $db->query($prevQuery);

                if($prevResult->num_rows > 0){

                }else{
                    $db->query("INSERT INTO `disc_Upgrades(Agent_ID`,
                                            `Agent_Name`,
                                            `Tran_Year`,
                                            `Tran_Period`,
                                            `Original_Mobile_ID`,
                                            `Mobile_ID`,
                                            `Device_Category`,
                                            `Device_ID`,
                                            `Account_Number`,
                                            `Price_Plan`,
                                            `Customer_Name`,
                                            `Device_Change_Date`,
                                            `New_Device_Contract_Begin_Date`,
                                            `New_Device_Contract_End_Date`,
                                            `Access_Charge`,
                                            `Contract_Term`,
                                            `Model`,
                                            `Alt_Mobile_ID`,
                                            `VZW_Provided_Equip`,
                                            `Previously_Activated_Equip`,
                                            `Installment_Contract`,
                                            `Purchased_Receivable`,
                                            `DPA_Service_Fee`,
                                            `Agent_SSO_ID`,
                                            `Customer_Type`,
                                            `Previous_Price_Plan`,
                                            `Previous_Access_Charge`)

                                VALUES (
                                  '$Agent_ID',
                                  '$Agent_Name',
                                  '$Tran_Year',
                                  '$Tran_Period',
                                  '$Original_Mobile_ID',
                                  '$Mobile_ID',
                                  '$Device_Category',
                                  '$Device_ID',
                                  '$Account_Number',
                                  '$Price_Plan',
                                  '$Customer_Name',
                                  '$Device_Change_Date',
                                  '$New_Device_Contract_Begin_Date',
                                  '$New_Device_Contract_End_Date',
                                  '$Access_Charge',
                                  '$Contract_Term',
                                  '$Model',
                                  '$Alt_Mobile_ID',
                                  '$VZW_Provided_Equip',
                                  '$Previously_Activated_Equip',
                                  '$Installment_Contract',
                                  '$Purchased_Receivable',
                                  '$DPA_Service_Fee',
                                  '$Agent_SSO_ID',
                                  '$Customer_Type',
                                  '$Previous_Price_Plan',
                                  '$Previous_Access_Charge')");
                                                  }
                                              }

            // Close opened CSV file
            fclose($csvFile);

            $qstring = '?status=succ';
        }else{
            $qstring = '?status=err';
        }
    }else{
        $qstring = '?status=invalid_file';
    }
}

// Redirect to the listing page
header("Location: ../index.php".$qstring);

 

Link to post
Share on other sites
This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.