a quick mydql quesion

[corillo181]

i know i could use the ge tmethod to send into mysql the question is how? i tried my way and it doesn't get me no where.. i dont' know wher eot put the double quote or single.. here is the query

[code]$sql=mysql_query("INSERT INTO guestbook(name, comment, datetime)VALUES($_GET['picname'],'$comment', '$datetime')")or die(mysql_error());[/code]
i put the get method with out any quote so you can tell me in wich way i jhave to put single or double first..

thanx :)

and i know i can do it with variable i just want to know how to do it like that..

[.josh]

i suggest you do this. it makes all the quotes a bit less confusing. but i strongly advise against inserting a $_GET variable directly into a sql query. you should take $nameofpic and do lots of things with it, like stripslahes/striptags, etc... to prevent sql injection.

$nameofpic = $_GET['picname'];
$sql=mysql_query("INSERT INTO guestbook(name, comment, datetime) VALUES ('$nameofpic','$comment', '$datetime')")or die(mysql_error());

[corillo181]

ok i'll take your wor dfor it.. but i put this a sonly if the sumit bottum is pressed to inser it in to the database but still it get sent into the data bas eeven if is not pressed..

[code]if(isset($_POST['Submit'])){
$sql1=mysql_query("INSERT INTO guestbook(name, comment, datetime)VALUES('$getpic','$comment', '$datetime')")or die(mysql_error());
}
?>[/code]

[corillo181]

forget it i got it..