The apostrophe (') in your data is, most likely, killing the SQL statement
when it is sent to the server. Use addslashes() around all of your form data
to prevent this and also to help guard against SQL injection attacks.
Ex:
$add = "INSERT INTO movies SET
movie_name='".addslashes($movie_name)."',
genre='".addslashes($genre)."',
director='".addslashes($director)."',
star1='".addslashes($star1)."',
star2='".addslashes($star2)."',
star3='".addslashes($star3)."',
brief_synopsis='".addslashes($brief_synopsis)."',
imdb_link='$imdb_link'";
Hope this helped.
Rich
-----Original Message-----
From: Andrew Rothwell [mailto:andrew@xxxxxxxxxxxxxxxxxx]
Sent: Sunday, June 13, 2004 1:48 PM
To: php-db@xxxxxxxxxxxxx
Subject: RE: Mysql not receiving the data
Hi Larry, Thank you very much for the very quick response, I set my php.ini
file (located /etc/php.ini ) for the register_globals = On (it was off by
default)
Now however I get an error
Error adding entry: You have an error in your SQL syntax near 's spanish
driver is found shot dead, Inspector Jacques Clouseau is the first off' at
line 8
My Database is a movie database of my dvd's that I own (for insurance
reasons)
My addmovie.php is this
<?
mysql_connect("localhost","username","password");
mysql_select_db("movies");
$add = "INSERT INTO movies SET
movie_name='$movie_name',
genre='$genre',
director='$director',
star1='$star1',
star2='$star2',
star3='$star3',
brief_synopsis='$brief_synopsis',
imdb_link='$imdb_link'";
if (@mysql_query($add))
{
echo("<p>Your entry has been added. <br>
$movie_name</p>");
}
else
{
echo("<p>Error adding entry: " .
mysql_error() . "</p>");
}
?>
And the addmovie.htm page (atleast the form action is this)
<body bgcolor="#FFFFFF">
<form method="post" action="addmovie.php" name="addmovies">
<table width="300" border="0" cellspacing="2" cellpadding="2"
bordercolordark="#FF0033" bordercolorlight="#FFFF66">
<tr>
<td width="41%" bgcolor="#999999">Movie Name </td>
<td width="59%" bgcolor="#99FFCC">
<input type="text" name="movie_name">
</td>
</tr>
Andrew
-----Original Message-----
From: Larry E. Ullman [mailto:LarryUllman@xxxxxxxxxxxxxxx]
Sent: Sunday, June 13, 2004 11:22 AM
To: Andrew Rothwell
Cc: php-db@xxxxxxxxxxxxx
Subject: Re: Mysql not receiving the data
> Online I could see everything, and the pages gave the appearance of
> working, however when I went into the DB using PHPMYADMIN to check the
> status of the new data entered, all I found was blank rows ( for the
> new data since the rebuild, all the old data was there) There were the
> correct number of new rows for the amount of records that I had
> entered, which tells me (unless I am nistaken) that the PHP is talking
> to the DB, and is atleast sending a insert command, but the rest of
> the data is not getting in. -
Without seeing any code whatsoever and since this worked before but no
longer works on a new install, I can only assume that your code was written
with the assumption that register_globals was turned on and it's not on in
your current configuration.
If that is the case, see the PHP manual or search the Web for the solution
($_POST, $_GET, etc.).
Larry
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
