OK this should be really obvious but I just can't figure it out. I have
a script that opens a file, reads it line by line and inserts the
contents into a database. I know I need to use mysql_real_escape_string
to properly escape the contents but I don't know where exactly to place
it in the script.
Any pointers, liks, guidance etc gratefully received!
Alan
*CODE:*
//Input check file
$filename="input/w2wcheck.txt";
echo "<h2>$filename</h2>";
# Open file
$fptr = fopen($filename, "r");
# Check if file is open
if($fptr) {
$current_line = fgets($fptr,4096);
$retval = TRUE;
echo "open";
while($current_line && $retval)
{
list(
$UNIQUEID ,
$ASSETID ,
$CNF
) = explode(",",$current_line);
$query = "insert into invw2wcheck (
UNIQUEID ,
ASSETID ,
CNF
)
values
(
'$UNIQUEID',
'$ASSETID ',
'$CNF'
)";
$result = mysql_query($query);
if(!$result)
{
echo "<h1>Processing halted due to Error No:";
echo mysql_errno().": ";
echo mysql_error()."<BR>";
echo "</h1>";
$retval = FALSE;
die;
}
elseif(mysql_affected_rows() == 0)
{
$retval = FALSE;
die;
}
$current_line = fgets($fptr,4096);
}
}
fclose($fptr);
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
