On Wed, Jul 1, 2009 at 11:23 AM, Andrew Ballard<aballard@gmail.com> wrote:
> On Wed, Jul 1, 2009 at 10:56 AM, Miller,
> Terion<tmiller@springfi.gannett.com> wrote:
>> Why doesn't this work?
>>
>>
>> $query = "SELECT * FROM `restaurants` WHERE name ='$ucName' AND
>> address = '$ucAddress' " ;
>>
>> $result = mysql_query($query) or die(mysql_error());
>>
>>
>> echo $result;
>> $row = mysql_fetch_array ($result);
>>
>>
>>
>> $sql = "INSERT INTO `restaurants` (name, address, inDate, inType, notes,
>> critical, cviolations, noncritical) VALUES (" ;
>> $sql .= " '$ucName',
>> '$ucAddress', '$inDate', '$inType', '$notes', '$critical',
>> '$cleanViolations', '$noncritical')";
>>
>>
>>
>> $result = mysql_query($sql) or die(mysql_error());
>>
>> The error I keep getting is:
>>
>> You have an error in your SQL syntax; check the manual that corresponds to
>> your MySQL server version for the right syntax to use
>>
>> And I have gone in the mySQL panel and let it make the query ....so I'm
>> really stumped why it hangs ...
>>
>>
>>
>
> The last example you posted said:
>
> You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use
> near 's Roast Beef Restaurant #9459', ' 1833 W Republic Rd ',
> '3/2/09', '' at line 1
>
> This indicated that the value for $ucName contained an
> apostrophe/single-quote character. (Perhaps it was supposed to be
> "Arby's Roast Beef Restaurant #9459"?).
>
> Try this:
>
> <?php
>
> $data = array($ucName, $ucAddress, $inDate, $inType, $notes,
> $critical, $cleanViolations, $noncritical);
>
> $sql = vprintf("INSERT INTO `restaurants` (name, address, inDate,
> inType, notes, critical, cviolations, noncritical) VALUES ('%s', '%s',
> '%s', '%s', '%s', '%s', '%s', '%s')",
> array_map('mysql_real_escape_string', $data));
>
> $result = mysql_query($sql) or die(mysql_error());
>
> ?>
>
oops = make that vsprintf(), not vprintf();
Andrew
|