2007. 05. 25, péntek keltezéssel 11.32-kor Rahul Sitaram Johari ezt
írta:
> Ave,
>
> I¹m inserting values out of an array into mySQL. There¹s other values
> besides the array values that are being inserted as well. This is my simple
> INSERT code:
>
> $sql = "INSERT INTO db
> (Date,Time,Phone,Account,AccountType,RateClass,VoltLevel,IsoZone,TaxDist,Loa
> dProfile,ServiceName,ServiceAddress,ServiceCity,ServiceState,ServiceZip,Dema
> nd,Kwh,Cost) VALUES ('$dt','$tm','$thephone','".implode("','",
> array_values($var))."')";
>
> $var can contain values that have special characters that I need to escape.
> I¹d like to use mysql_escape_string() but I¹m not sure how to integrate
> mysql_escape_string here with the INSERT statement. I tried it, but it¹s not
> working. Any clues?
you should do the escaping before assembling the INSERT statement
a useful tool for this is array_map():
http://hu.php.net/array_map
then you can use the above method for creating the query string
greets
Zoltán Németh
>
> Thanks.
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Rahul Sitaram Johari
> CEO, Twenty Four Seventy Nine Inc.
>
> W: http://www.rahulsjohari.com
> E: sleepwalker@xxxxxxxxxxxxxxxx
>
> ³I morti non sono piu soli ... The dead are no longer lonely²
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
