POST data disapearing?

[tallberg]

Ive an incongruable problem. the post data  seems to turn in to nothing when sent to the db.
However also SETthe image_id feild then it works i dont want to change that feild.???????


[code]
echo $_POST["the_description"]; /// Why does it echo out here but does not pass to the db.

        $description = $_POST["the_description"];

$query = "UPDATE hp_additional_images SET feild = '$description' WHERE image_id =". $_GET["id"];

mysql_query($query) or die (mysql_error());[/code]

[Jessica]

What is the value of $description?

Your query is open to SQL injection.

[tallberg]

This is the query as it is now.

[code]echo $_POST["in_description"] ; // this works fine.

$query = "UPDATE hp_additional_images SET adescription = '". $_POST["in_description"] . "' WHERE image_id = " . $_GET["id"]; // now the value of $_POST["in_description"] is blank?[/code]

If you want to help me prevent sql injection great! but i need to understand why this is now working. I seem like a bug or something?

[Jessica]

Well it looked fine to me, you didn't show me the value of description you were passing. If you show what you were passing when it broke, that might explain WHY.

Look up mysql_real_escape_string();

[tallberg]

The value could be any text. for example "A great guy paints all day long."

[dgiberson]

try putting in an echo $query; then paste the line into phpMyAdmin or Query Browser, it will give you more information as to what is wrong vs. what php gives you.....

PS did you misspell field on purpose or by accident? that could be your issue

[Jessica]

Yes, but I was asking what it was specifically when you tried it. For example, if you'd put it "O'Brien" the ' might have been the culprit.

Gah, I give up. Good luck getting help.