farkewie Posted November 11, 2007 Share Posted November 11, 2007 hi i am creating my own gallery, and i am trying to add the location of images to mysql database here is the code: <?php include("sql.php"); include("config.php"); $thumbtext = "_THUMB.jpg"; error_reporting(E_ALL & ~E_NOTICE); // scan the directory for images $dir = urldecode($_GET['album']); $dh = opendir("./".$dir); while (false !== ($filename = readdir($dh))) { if($filename == '.' || $filename == '..' || $filename == 'thumbs'){continue;} $files[] = $filename; } sort($files); rsort($files); /*print "<pre>"; print_r($files); print"</pre>";*/ //$dir = "images/"; //se if the thumbs have been created if (!file_exists($dir."/thumbs")){ mkdir($dir."/thumbs", 0777 ); } if (!file_exists($dir."/thumbs/".$file.$thumbtext)){ foreach ($files as $file) { /*echo "<pre>"; echo "creating thumb for $file"; echo "</pre>";*/ $minwidth = "150"; $minheight = "150"; $photosize = getimagesize($dir."/".$file); // Get image size and scale ratio $scale = min("150"/$photosize[0], "150"/$photosize[1]); if ($scale < 1) { $width = floor($scale*$photosize[0]); $height = floor($scale*$photosize[1]); } else { $width = $minwidth; $height = $minheight; } if ($photosize['mime']=="image/jpeg") { $resizedimage = imagecreatetruecolor($width, $height); $thumbimage = imagecreatefromjpeg($dir."/".$file); imagecopyresampled($resizedimage, $thumbimage, 0, 0, 0, 0, $width, $height, $photosize[0], $photosize[1]); imagejpeg($resizedimage,$dir."/thumbs/".$file.$thumbtext,100); imageDestroy($resizedimage); imageDestroy($thumbimage); $sql = mysql_query("INSERT INTO albums VALUES('', '".urlencode($_GET['album'])."', '".$_GET['album']."/$file$', '".urlencode($_GET['album'])."/$file$thumbtext', '$date')")or die ('Could not add images to database : ' . mysql_error()); } } } echo count($file); ?> here is the error : Could not add images to database : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's 24th birthday9.jpg$', 'albums%2FMarian%2Cs+birthday+2007/Marian's 24th birthda' at line sample of url = http://server/personal/create_thumbs.php?album=albums/Marian,s%20birthday%202007 sample folder name = Marian's birthday 2007 sample image name = Marian's 24th birthday11.jpg any help would be great Link to comment https://forums.phpfreaks.com/topic/76832-trying-to-add-url-to-mysql-getting-errors/ Share on other sites More sharing options...
Daniel0 Posted November 11, 2007 Share Posted November 11, 2007 Instead of urlencode(), use mysql_real_escape_string(). That will make it safe for use in a query. Link to comment https://forums.phpfreaks.com/topic/76832-trying-to-add-url-to-mysql-getting-errors/#findComment-388995 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.