you need to use the addslashes() command which will escape the quote mark
for you, so something like
$query="insert into trivia (trivia) values ('" . addslashes($line) . "')";
however, you will find that on a machine which is configured with
magic_quotes_gpc turned on, you will end up with something like
"The average person\'s left hand does 56% of the typing."
coming back out of your database, because it will actually insert
"The average person\\'s left hand does 56% of the typing." (i *think*)
so, what i have found is the best thing to do from a portability viewpoint
is write a function something along the lines of (obviously pseudo-code)
function check_quotes( $string ) {
if magic quotes are turned off // there is a variabel you can check for
this...
return $string;
else
return addslashes($string);
}
then rather than using
$query="insert into trivia (trivia) values ('" . addslashes($line) . "')";
and risk having things doubleshashed, you can use
$query="insert into trivia (trivia) values ('" . check_quotes($line) . "')";
and it will turn out properly whether magic_quotes_gpc is turned on or off
ok, enough of me going on and on
good luck and have fun
may the php be with you :)
// -----Original Message-----
// From: Subodh Gupta [mailto:[EMAIL PROTECTED]]
// Sent: Friday, 27 April 2001 2:44 PM
// To: PHP DB; PHP Gen
// Subject: [PHP-DB] How can this be done?
//
//
// Hi All,
//
// I created a table using the create command.
//
// create table trivia
// (
// entry_id integer not null auto_increment,
// trivia text null
// );
//
// Now I have a fle tvia.txt, the content of which are as follows:
//
// The average person's left hand does 56% of the typing.
// The longest one-syllable word in the English language is "screeched".
// All of the clocks in the movie "Pulp Fiction" are stuck on 4:20.
// No word in the English language rhymes with month, orange,
// silver, or purple.
//
// I want to insert each line of the file in a new row in the table.
//
// I wrote the following code for it.
//
// <?php
// include "db.php";
// dbconnect("guestbook2k");
// $fcontents=file("tvia.txt");
// while (list ($line_num, $line) = each ($fcontents)) {
// $query="insert into trivia (trivia) values ('$line')";
// $result = mysql_query($query)
// or die("Query failed: "
// ."<li>errorno=".mysql_errno()
// ."<li>error=".mysql_error()
// ."<li>query=".$query
// );
// echo "<b>Line $line_num:</b> ". $line . "<br>\n";
// }
// ?>
//
// I got the following error.
// Query failed:
// errorno=1064
// error=You have an error in your SQL syntax near 's left hand
// does 56% of the typing. ')' at line 1
// query=insert into trivia (trivia) values ('The average person's
// left hand does 56% of the typing. ')
//
// Now I know that I got the error because there was ( ' ) in the
// first line. So how do I prevent this. Or in other words insert into
// the table text containing
// ( ' ) and ( " ) or for that matter any metacharacter.
//
// Thank You in Advance.
//
// Subodh Gupta
// I have learned, Joy is not in things, it is in us.
// You will ultimately be known by what you give and not what you get.
//
//
//
// --
// PHP Database Mailing List (http://www.php.net/)
// To unsubscribe, e-mail: [EMAIL PROTECTED]
// For additional commands, e-mail: [EMAIL PROTECTED]
// To contact the list administrators, e-mail: [EMAIL PROTECTED]
//
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
