[SOLVED] Problems with serializing and semicolon

[Michan]

Hi,

 

I'm having problems sending a serialized chunk of text to the database, and I believe it's due to the semicolon.

 

$general = serialize($_POST['general']);

mysql_query('UPDATE users SET general = "'.$general.'" WHERE userid ='.$_POST['userid']) or die(mysql_error());

 

The error I'm delivered with is:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'name";s:0:"";s:9:"residence";s:0:"";s:11:"nationality";s:0:"";s:5:"likes";s:0:""' at line 1"

 

Could somebody please help me here?

 

Many thanks in advance.

 

- Mi

[Orio]

Try it this way:

 

<?php

$general = serialize($_POST['general']);
mysql_query("UPDATE users SET general = '".$general."' WHERE userid ='".$_POST['userid']."'") or die(mysql_error());

?>

 

 

If that still produces the error, run this and post here the output you got (the error).

 

<?php

$general = serialize($_POST['general']);
$query = "UPDATE users SET general = '".$general."' WHERE userid ='".$_POST['userid']."'";
mysql_query($query) or die($query."<br />".mysql_error());

?>

 

 

Orio.

[Daukan]

You have to run mysql_real_escape_string() after you serialize.

[Michan]

Try it this way.

 

Orio.

 

Thanks Orio, it works perfectly! I can't believe I didn't think of that.

 

Solved!