Writing a database query script

[Justinx89x]

I am having problems with this line of my script...
[code] // Performing SQL query
        $query = "INSERT INTO nuke_audio_audio ('title', 'url', 'artist') VALUES ('$arrArtistTitle[1]', 'http://www.dxcr.com/audio/tones/$filename', '$arrArtistTitle[0]'";
        echo $result = mysql_query($query) or die('Query failed: ' . mysql_error());[/code]

I get an error that says...
Query failed: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ''title', 'url', 'artist') VALUES

The script I am making takes a bunch of music files and puts them into a database

[shimano55]

Take out the single quotes around title, url, and artist.

By the way, you also need to add another ) after '$arrArtistTitle[0]'.

[Justinx89x]

[!--quoteo(post=367798:date=Apr 23 2006, 06:44 PM:name=shimano55)--][div class=\'quotetop\']QUOTE(shimano55 @ Apr 23 2006, 06:44 PM) [snapback]367798[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Take out the single quotes around title, url, and artist.

By the way, you also need to add another ) after '$arrArtistTitle[0]'.
[/quote]

Thanks for your help, but now I am recieving another error. It says...
Query failed: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 've Got)', 'http://www.dxcr.com/audio/tones/A Tribe Called Quest

[shimano55]

Did you add the )????

Your code should look like:
[code] // Performing SQL query
        $query = "INSERT INTO nuke_audio_audio (title, url, artist) VALUES ('$arrArtistTitle[1]', 'http://www.dxcr.com/audio/tones/$filename', '$arrArtistTitle[0]')";
        echo $result = mysql_query($query) or die('Query failed: ' . mysql_error());[/code]

Is that how it looks?

-shimano55

[Justinx89x]

[!--quoteo(post=367800:date=Apr 23 2006, 06:53 PM:name=shimano55)--][div class=\'quotetop\']QUOTE(shimano55 @ Apr 23 2006, 06:53 PM) [snapback]367800[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Did you add the )????

Your code should look like:
[code] // Performing SQL query
        $query = "INSERT INTO nuke_audio_audio (title, url, artist) VALUES ('$arrArtistTitle[1]', 'http://www.dxcr.com/audio/tones/$filename', '$arrArtistTitle[0]')";
        echo $result = mysql_query($query) or die('Query failed: ' . mysql_error());[/code]

Is that how it looks?

-shimano55
[/quote]

Yeah that fixed the problem, I realized that right after I posted the message. It looks like it works now, but I am now faced with another problem. My script will malfunction when it sees a single quote(') in any filename. Any ideas how to make it ignore that?

[shimano55]

Is the malfunction detected around the mysql_query part? Because I am skeptical about ur url declaration.

Otherwise, you usually have to escape single and double quotes. A good way to take care of this would be:
[code]$filename = "Nirvana - Jesus Doesn't Want Me For a Sunbeam"; //notice the single quote
$filename = mysql_escape_string($filename); //this will add slashes before quotes and other special chars
[/code]

That should do the trick if that's where the problem is.

-shimano55

[Justinx89x]

Tried that, but still it is still giving me trouble when trying to access a file that has a single quote.

Here is the error I am getting.

Query failed: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 've Got)', 'http://www.dxcr.com/audio/tones/A Tribe Called Quest

Here is how I setup the code.

[code]// Performing SQL query
        $query = "INSERT INTO nuke_audio_audio (title, url, artist) VALUES ('$arrArtistTitle[1]', 'http://www.dxcr.com/audio/tones/$filename', '$arrArtistTitle[0]')";
        $filename = "Nirvana - Jesus Doesn't Want Me For a Sunbeam";
        $filename = mysql_escape_string($filename);
        echo $result = mysql_query($query) or die('Query failed: ' . mysql_error());[/code]