Loosing characters when posting to MySql

[petenetman]

Say I have:

$vSQL .= "Message=" . chr(34) . $Message . chr(34) .   and the $Message contains \\myserver\inetpub\www\

When I post to MySql I get \myserverinetpubwww I have no idea why. I know the chr(34) takes out the single quotes around text in the $Message. All I want to do is to post to MySql whatever is in the text field.

[trq]

Take a look at mysql_real_escape_string().

[petenetman]

I must be having a little 'Thicko' day - Sorry

Let me explain a little better....

This code is as follows:

if ( $JobNo > 0) {   $vSQL = "UPDATE worklog SET RepBy='" . $RepBy . "', Contact='" . $Contact . "', "; $vSQL .= "Message=" . chr(34) . $Message . chr(34) . ", Handled='" . $Handled . "', Detail=" . chr(34) . $Detail . chr(34) . ", "; $vSQL .= "CompletedIT='" . $CompletedIT . "', Priority='" . $Priority . "', JobGroup='" . $JobGrp . "' , "; $vSQL .= "CatType='" . $CatType . "', CatDate='" . $CatDate . "' "; $vSQL .= "WHERE JobNo=" . $JobNo;

 

The $Message field and the $Detail field can contain any text character. After moving from a UNIX box to windows I had to change the $message to chr(34) as MySql fell over the something like 'ReadMe' as used in the test field. I am trying to find a string that goes around both $fields so MySql can handle the update.

 

Thanks Pete

[trq]

Did you look at the link I posted?

[petenetman]

Yes I did, but couldn't find a piece of code I could use to place either side of my 2 fields without having to rewrite the complete statement.

 

Pete

[trq]

if ( $JobNo > 0) {

  $Message = mysql_real_escape_string($Message);
  $Detail = mysql_real_escape_string($Detail);

  $vSQL = "UPDATE worklog SET RepBy='" . $RepBy . "', Contact='" . $Contact . "', ";
  $vSQL .= "Message=" . chr(34) . $Message . chr(34) . ", Handled='" . $Handled . "', Detail=" . chr(34) . $Detail . chr(34) . ", ";
  $vSQL .= "CompletedIT='" . $CompletedIT . "', Priority='" . $Priority . "', JobGroup='" . $JobGrp . "'
, ";
  $vSQL .= "CatType='" . $CatType . "', CatDate='" . $CatDate . "' ";
  $vSQL .= "WHERE JobNo=" . $JobNo;

[petenetman]

I'm afraid

 

  $Message = mysql_real_escape_string($Message);

  $Detail = mysql_real_escape_string($Detail);

 

Did not help. Neither did it stop my page from working. Would it be something to do with the version of PHP that I've got installed? It's v4

 

Pete

[chum]

mostly likely yes,

mysql_real_escape_string function is relatively new,

 

[petenetman]

Surly there must be a way to send any type of characters to a MySql table field?

 

???

[petenetman]

Is it quite easy to upgrade from PHP v4 to V5?

[trq]

If you dont have mysql_real_escape_string() you can use addslashes in this case.

 

Is it quite easy to upgrade from PHP v4 to V5?

 

Depends on your OS really but yeah, Id'e recommend it. php4 is no longer supported by the php devs.

[petenetman]

Thanks for that... I can't use the add slashes in this case bacuses anything can be placed in the $message field i.e. [Hello this 'is' my name] or [web sever address \\myserver\inetpub\www]