|
Gypsy Boy
Redeemer



Registered: 03/17/17
Posts: 4,501
Loc: Deep in the discoteka
Last seen: 2 months, 24 days
|
Need some help with PHP!!
#27028831 - 11/08/20 03:31 PM (3 years, 2 months ago) |
|
|
Run into difficulties, been busting my ass all day and figured out why my sql query didn't run.
INSERT INTO ftg (message) VALUES ('Since JRR Tolkien published his mighty head-trip epic in the 1950s, its influence has got everywhere in popular culture: in games, the fantasy genre, and for a while of course in music. Peter Jackson's reverent screen version of Tolkien's first volume,');
Whats wrong with that statement? I'll tell u, it contains a " ' " and it corrupts the whole query!
What do i do?
--------------------
Edited by Gypsy Boy (11/08/20 04:37 PM)
|
Gypsy Boy
Redeemer



Registered: 03/17/17
Posts: 4,501
Loc: Deep in the discoteka
Last seen: 2 months, 24 days
|
Re: Need some MySQL help!! [Re: Gypsy Boy]
#27028883 - 11/08/20 04:15 PM (3 years, 2 months ago) |
|
|
Apparently when you DOUBLE quote VALUE with " instead of ' SQL query runs.
But when i put it into a PHP it gives me this error:
Quote:
Parse error: syntax error, unexpected '$message' (T_VARIABLE) in C:\wamp64\www\bug\ftg_action.php on line 23
Line 23: $sql = ("INSERT INTO ftg (message) VALUES ("$message")");
What gives???
--------------------
|
Gypsy Boy
Redeemer



Registered: 03/17/17
Posts: 4,501
Loc: Deep in the discoteka
Last seen: 2 months, 24 days
|
Re: Need some MySQL help!! [Re: Gypsy Boy]
#27028983 - 11/08/20 05:35 PM (3 years, 2 months ago) |
|
|
Been told to use prepared statements on stack overflow
--------------------
|
Ythan
ᕕ( ᐛ )ᕗ


Registered: 08/08/97
Posts: 18,774
Loc: NY/MA/VT Borderlands
Last seen: 39 minutes, 15 seconds
|
Re: Need some help with PHP!! [Re: Gypsy Boy]
#27029380 - 11/08/20 11:16 PM (3 years, 2 months ago) |
|
|
Prepared statements are the way to go for queries because they help protect against SQL injection attacks and prevent sloppy bugs. But you should know how to use apostrophes/quotes in strings too. The problem you're encountering is that PHP sees the first apostrophe and thinks you're trying to end the string. Like, if you have this code:
Code:
$string = 'It's a test!';
What PHP sees is:
Code:
$string = 'It'
and then thinks everything after is invalid code.
You need to escape the character by adding a backslash so PHP knows to treat it as normal text and not as a string delimiter:
Code:
$string = 'It\'s a test!';
You could also use heredoc syntax which is useful for longer strings:
Code:
echo <<<AnyIdentifierYouWant It's a test! AnyIdentifierYouWant;
|
Gypsy Boy
Redeemer



Registered: 03/17/17
Posts: 4,501
Loc: Deep in the discoteka
Last seen: 2 months, 24 days
|
Re: Need some help with PHP!! [Re: Ythan]
#27029855 - 11/09/20 09:26 AM (3 years, 2 months ago) |
|
|
Quote:
$string = 'It\'s a test!';
My app/site gathers user comments, they cant be putting \ before every word like that! 
Quote:
You could also use heredoc syntax which is useful for longer strings:
What do u mean by that, what's any identifier ?
How would u re write sql insert statment:
$sql = ("INSERT INTO ftg (message) VALUES ("$message")");
?
Thanks dude thanks for help much appreciate
--------------------
|
Ythan
ᕕ( ᐛ )ᕗ


Registered: 08/08/97
Posts: 18,774
Loc: NY/MA/VT Borderlands
Last seen: 39 minutes, 15 seconds
|
Re: Need some help with PHP!! [Re: Gypsy Boy]
#27029897 - 11/09/20 09:54 AM (3 years, 2 months ago) |
|
|
Lol. Obviously you wouldn't depend on your users to properly escape their input. I was just explaining what was wrong with your code because you seemed confused. When programming, you'll frequently encounter the concept of having special characters that need to be escaped.
I would rewrite the SQL query using a prepared statement, as recommended on StackOverflow. There are functions like addslashes() and mysql_real_escape_string() but they're largely deprecated and I intentionally didn't mention them because they'll lead you down the wrong path.
I always try to sprinkle keywords like "heredoc syntax" in my replies so you can Google anything you find confusing. Good luck!
|
Gypsy Boy
Redeemer



Registered: 03/17/17
Posts: 4,501
Loc: Deep in the discoteka
Last seen: 2 months, 24 days
|
Re: Need some help with PHP!! [Re: Ythan]
#27030235 - 11/09/20 01:17 PM (3 years, 2 months ago) |
|
|
Hey,
$sql = ("INSERT INTO ftg (message) VALUES (\"$message\")");
works!
Now i just need to figure out how to do "prepared statements" !
--------------------
|
|