FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


mysql_real_escape_string not working?





welshsteve
Hi everyone,

I have the following form which has been working fine for over a year. Now all of a sudden this week, it no longer works. Instead I get a syntax error which is being caused by there being apostrophe's in the text I'm trying to add to the database. As you can see from the code I am using mysql_real_escape_string so I don't understand why it is suddenly doing this.

FORM
Code:

<form method="post" action="report_s_add_do.php">
<p>Competition: <select name="comp" id="comp">
   <option value="Premier Division">Premier Division</option>
   <option value="A Division">A Division</option>
   <option value="B Division">B Division</option>
   <option value="Individual Competitions">Individual Competitions</option>
   <option value="League Handicap Competitions">Handicap Cups</option>
   <option value="General News">General News</option>
</select></p>
<p>Headline: <input type="text" class="fieldtxt" size="28" name="headline" id="headline" /></p>
<p>Report:<br /><textarea name="report" id="report" cols="50" rows="5"></textarea>
<p><input type="submit" name="btnSubmit" id="btnSubmit" class="btn" value="Add Report" /></p>
</form>


CODE TO HANDLE THE DATA
Code:

<?php

$comp = $_POST['comp'];
$headline = $_POST['headline'];
$report = $_POST['report'];

$con = mysql_connect("SERVER_ADDRESS","DB_USER","DB_PASSWORD");
if (!$con)
  {
  die('Could not connect: ' . mysql_error() . '<br /><br />Database error');
  }

mysql_select_db("DB_NAME", $con);

$sql = sprintf("INSERT INTO Snooker_Report (Comp, Headline, Report) VALUES ('$comp','$headline','$report')",
            mysql_real_escape_string($comp),
            mysql_real_escape_string($headline),
            mysql_real_escape_string($report));
         
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "<p>The report has been added.</p>";
echo "<p><a href='report_s_add.php'>Add Another</a></p>";
echo "<p><a href='admin.php'>Snooker Admin</a></p>";

mysql_close($con);

?>


Many thanks for any help
welshsteve
I think I've resolved this for now by slightly changing when the escaping occurs. See my new code below.

Code:


<?php

$comp = $_POST['comp'];
$comp = mysql_real_escape_string($comp);
$headline = $_POST['headline'];
$headline = mysql_real_escape_string($headline);
$report = $_POST['report'];
$report = mysql_real_escape_string($report);

$con = mysql_connect("SERVER_ADDRESS","DB_USER","DB_PASSWORD");
if (!$con)
  {
  die('Could not connect: ' . mysql_error() . '<br /><br />Database error');
  }

mysql_select_db("DB_NAME", $con);


$sql = "INSERT INTO Snooker_Report (Comp, Headline, Report) VALUES ('$comp','$headline','$report')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "<p>The report has been added.</p>";
echo "<p><a href='report_s_add.php'>Add Another</a></p>";
echo "<p><a href='admin.php'>Snooker Admin</a></p>";

mysql_close($con);

?>
Related topics
mysql_real_escape_string question
My Subdomain still not working :(
site not working
My subdmain seems to be not working.
phpBB Not Working
[RESOLVED] Cpanel not working?
please provide feedback for http://sanghvitrades.frihost.net
[RESOLVED] Mailing list not working
domain name not working
[RESOLVED] trying to host a .com.au domain! help found!
Deleted public_html
Working with a Designer
Password Not Working
Domain stoped working
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.