Re: Parse Error on SQL Insert

Tom Chubb wrote:
> Complete code...
> <snip>
>   $insertSQL = "INSERT INTO cars (model, `year`, details, price, image1,
> image2, image3, forsale) VALUES ($_POST['model'], $_POST['year'],
> $_POST['details'], $_POST['price'], $_FILE['image']['name'][0],
> $_FILE['image']['name'][1], $_FILE['image']['name'][2], $_POST['forsale'])";
> </snip>

Looks like a problem with your input data. Escape it. You should be escaping it anyway, and not putting raw user input into your db.

> The reason for the single quotes around the year is something to do with
> Dreamweaver's insert wizard.

"year" is a special word in MySQL. The back ticks are to let MySQL know that it's a column name. Without the back ticks, MySQL will 'guess', but that can cause problems...best to just back tick all the column names anyway.

--
John C. Nichel IV
Programmer/System Admin (ÜberGeek)
Dot Com Holdings of Buffalo
716.856.9675
jnichel@xxxxxxxxxxxxxxxxxxxxxxxxxxx

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
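
The advice in the reply above (don't put raw user input into the query, and backtick the column names), shown as an added example that is not part of the original thread. The function name `insertCar`, the use of PDO with an in-memory SQLite database standing in for MySQL, the 0/1 treatment of `forsale`, and the sample request data are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: every value is bound, none is pasted into the SQL text.
function insertCar(PDO $db, array $post, array $files): int
{
    // Column names are fixed and backticked; values appear only as placeholders.
    $sql = 'INSERT INTO `cars` (`model`, `year`, `details`, `price`,
                `image1`, `image2`, `image3`, `forsale`)
            VALUES (:model, :year, :details, :price,
                :image1, :image2, :image3, :forsale)';

    // Binding stops injection, not bad data, so check the numeric fields first.
    $year  = filter_var($post['year'] ?? null, FILTER_VALIDATE_INT);
    $price = filter_var($post['price'] ?? null, FILTER_VALIDATE_FLOAT);
    if ($year === false || $price === false) {
        throw new InvalidArgumentException('year and price must be numeric');
    }

    $params = [
        ':model'   => (string) ($post['model'] ?? ''),
        ':year'    => $year,
        ':details' => (string) ($post['details'] ?? ''),
        ':price'   => $price,
        ':forsale' => empty($post['forsale']) ? 0 : 1, // assumed to be a flag
    ];
    // Client-supplied file names are untrusted too: keep only the base name.
    for ($i = 0; $i < 3; $i++) {
        $name = $files['image']['name'][$i] ?? '';
        $params[':image' . ($i + 1)] = basename((string) $name);
    }

    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    return (int) $db->lastInsertId();
}

// Constructed demo: in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE cars (id INTEGER PRIMARY KEY, model TEXT, year INTEGER,
    details TEXT, price REAL, image1 TEXT, image2 TEXT, image3 TEXT, forsale INTEGER)');

// Constructed input: a quote in the model and a path in one file name.
$post  = ['model' => "O'Brien Special", 'year' => '1998',
          'details' => 'One owner', 'price' => '2500', 'forsale' => '1'];
$files = ['image' => ['name' => ['front.jpg', '../side.jpg', 'rear.jpg']]];

insertCar($db, $post, $files);
print_r($db->query('SELECT * FROM cars')->fetch(PDO::FETCH_ASSOC));
```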

