Dear Sir/madam,
I have a problem which I don't seem to be able to resolve, so I hope you
can.
I have a simple html form which 'posts' variables to the following
script.......
-----------------------------------------------
<?php
$username="***";
$password="***";
$database="***";
$name = ($_POST['name']);
$email = ($_POST['email']);
$comments = ($_POST['comments']);
mysql_connect("humbug",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO remarks VALUES ('','$name','$email','$comments')";
mysql_query($query);
mysql_close();
?>
----------------------------------------------
This in turn sends the data to my database, everything works fine until
someone enters an apostrophe, then it fails to send the data.
I have searched for the answer and it appears to be to use
mysql_real_escape_string but when I apply that like this
----------------------------------------------
<?php
$username="***";
$password="***";
$database="***";
$name = mysql_real_escape_string ($_POST['name']);
$email = mysql_real_escape_string ($_POST['email']);
$comments = mysql_real_escape_string ($_POST['comments']);
mysql_connect("humbug",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO remarks VALUES ('','$name','$email','$comments')";
mysql_query($query);
mysql_close();
?>
----------------------------------------------
the script fails with the following report Warning:
mysql_real_escape_string(): Can't connect to local MySQL server through
socket '/var/run/mysqld/mysqld.sock' (2)
Any help would be appreciated.
Regards
Ian Scales
