[SOLVED] MySQL Problem

[xshanelarsonx]

I keep getting this error using this code.

 

-String

$Reason = "You don't live in B-Town";

 

-Function

function autoban($date, $reason, $ip){
    $autoban="INSERT into bans(ip,date,comment,active) VALUES('$ip','$date','$reason','1')";
        mysql_query($autoban) or die(mysql_error());
    echo ("<center><h1><font color='White'>You have been banned on the $date</font></h1></center>");
    echo ("<center><font color='red'>Reason:</font> <font color='White'>$reason</font></center>");
    exit();
}

 

-Error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't live in B-Town','1')' at line 1

[magic2goodil]

It is the ' in don't.  Put a backslash before it and watch what happens.

[xshanelarsonx]

Thanks Magic2goodil, but how would I make it add the \ before any ' by its self?

[Jessica]

mysql_real_escape_string()

[magic2goodil]

Welcome.

 

And yea, good call Jes.

 

God I am lame, I am cleaning my room and talking on here, lol.

[xshanelarsonx]

Thanks Jesirose, can you give a example with my code?

[magic2goodil]

I think it's:

mysql_real_escape_string($Reason,$db_connection);

[xshanelarsonx]

This don't work. What I'm trying to do is make it here my code will not give a error when reason has a ' in it.

 

$autoban="INSERT into bans(ip,date,comment,active) VALUES('$ip','$date','$reason','1')";
        mysql_query($autoban) or die(mysql_error());

[Jessica]

look it up in the manual.

[xshanelarsonx]

Can someone please answer my question above. I can't figure it out.

[magic2goodil]

just do addslashes($variable); before you try and add it to database.

[superuser2]

With mysql, you always mysql_real_escape_string any values you use. So:

 

$reason = mysql_real_escape_string($reason);

 

The db handle parameter is optional.

[xshanelarsonx]

Thanks everyone, its working now.