On Thu, 16 Oct 2003, Adam Reiswig wrote: > $sql="insert into $table set Name = '$_POST["elementName"]'"; > > Unfortunately this and every other combination I can think of, > combinations of quotes that is, does not work. I believe the source of > the problem is the quotes within quotes within quotes. I also tried: > > $sql='insert into $table set Name = '.$_POST["elementName"]; > or > $sql="insert into $table set Name = ".$_POST['elementName']; You need to quote the Name. $sql = 'insert into '.$table.' set Name = "'.addslashes($_POST['elementName']).'"'; You've done everything here that you need, no extra variables, no nothing. Register_Globals is bad -- if you can avoid using it, do so. Performance-wise, it is better to use single quotes and concat the variables outside of the quoted line. Better performance, less problems with variables not being expanded correctly. Beckman --------------------------------------------------------------------------- Peter Beckman Internet Guy beckman@purplecow.com http://www.purplecow.com/ --------------------------------------------------------------------------- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
