mworkman Posted November 5, 2010 Share Posted November 5, 2010 I have having a problem getting a mysql query to work. If I just use mysql_query it looks like this and works fine: INSERT INTO schedule (schedule_pk, schedule_month, schedule_day, schedule_year, schedule_hour, schedule_minute, schedule_type, employeenumber) VALUES ( NULL, 10, 10, 1999, 12, 6, 'DayIn', 3); If I put it through mysql_real_escape_string it turns it to this and does not work when I put it into mysql_query: INSERT INTO schedule (schedule_pk, schedule_month, schedule_day, schedule_year, schedule_hour, schedule_minute, schedule_type, employeenumber) VALUES ( NULL, 10, 10, 1999, 12, 6, \'DayIn\', 3); aka: $query = "INSERT INTO...." mysql_query($query); that works, but: $query = "INSERT INTO...." $sqlQuery = mysql_real_escape_string($query, $con); mysql_query($sqlQuery); results in the error. mysql_query($query); The error is: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'DayIn\', 3)' at line 1 Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 5, 2010 Share Posted November 5, 2010 That's the wrong way to use mysql_real_escape_string(). You use it on the individual values, not the whole query string. (Moving thread to PHP coding help . . . ) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.