Mr Chris Posted May 3, 2007 Share Posted May 3, 2007 Hi Guys, In my system I'm creating I am entering a term in my table for a record and then seaching the rest of the database for a similar term. So for example if I entered the term John Jones It searches the database for all other instances of this word. Now this works great apart from one thing. If I entered John Jone's (apostrophe) as my related term it throws up an SQL error: Now I thought I would be able to solve this using addslashes, but I still get the same problem? Any ideas? Thanks <? $query = "SELECT DISTINCT story_id, headline FROM cms_stories WHERE (headline LIKE '%$related_term_one%' OR headline LIKE '%$related_term_two%' OR body_text LIKE '%$related_term_one%' OR body_text LIKE '%$related_term_two%') AND story_id != $story_id ORDER BY story_id DESC LIMIT 5"; $result = mysql_query($query) OR die(mysql_error()); $defineResults = mysql_num_rows($result); if ($defineResults == 0) { echo ("<DIV ALIGN=\"CENTER\"><strong><font size='1' face='Verdana, Arial, Helvetica, sans-serif'>Sorry, there are no related stories</font></div>"); } else { while($row = mysql_fetch_assoc($result)) { echo " <img src='../images/story_images/dot.jpg' width='10' height='10' align='absbottom' /><strong><font size='1' face='Verdana, Arial, Helvetica, sans-serif'><a href='story.php?story_id={$row[story_id]}'> " . addslashes($row['headline']) . "</a></font></strong><br />"; } } ?> Quote Link to comment Share on other sites More sharing options...
DaveEverFade Posted May 3, 2007 Share Posted May 3, 2007 try mysql_real_escape_string() should do it I think.... Oh, and you need to do that before you run the query ie <? $query = "SELECT DISTINCT story_id, headline FROM cms_stories WHERE (headline LIKE '%$related_term_one%' OR headline LIKE '%$related_term_two%' OR body_text LIKE '%$related_term_one%' OR body_text LIKE '%$related_term_two%') AND story_id != $story_id ORDER BY story_id DESC LIMIT 5"; $query=mysql_real_escape_string($query); $result = mysql_query($query) OR die(mysql_error()); ............ Quote Link to comment Share on other sites More sharing options...
Mr Chris Posted May 3, 2007 Author Share Posted May 3, 2007 Thanks, But that simply generates the same error with / in it? Quote Link to comment Share on other sites More sharing options...
DaveEverFade Posted May 3, 2007 Share Posted May 3, 2007 Can you post the error please? Quote Link to comment Share on other sites More sharing options...
Mr Chris Posted May 3, 2007 Author Share Posted May 3, 2007 Yep, Thank You You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\r\nWHERE \r\n(headline LIKE \'%%\' OR headline LIKE \'%%\' \r\nOR body_text LIK' at line 1 Using... <? $query = "SELECT DISTINCT story_id, headline FROM cms_stories WHERE (headline LIKE '%$related_term_one%' OR headline LIKE '%$related_term_two%' OR body_text LIKE '%$related_term_one%' OR body_text LIKE '%$related_term_two%') AND story_id != $story_id ORDER BY story_id DESC LIMIT 5"; $query=mysql_real_escape_string($query); $result = mysql_query($query) OR die(mysql_error()); $defineResults = mysql_num_rows($result); if ($defineResults == 0) { echo ("<DIV ALIGN=\"CENTER\"><strong><font size='1' face='Verdana, Arial, Helvetica, sans-serif'>Sorry, there are no related stories</font></div>"); } else { while($row = mysql_fetch_assoc($result)) { echo " <img src='../images/story_images/dot.jpg' width='10' height='10' align='absbottom' /><strong><font size='1' face='Verdana, Arial, Helvetica, sans-serif'><a href='story.php?story_id={$row[story_id]}'> {$row['headline']}</a></font></strong><br />"; } } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.