It's not the ")" characters, it's the quotes - make sure you addslashes() to all the variables. Also make sure you don't double-slash - depending on your php.ini settings, PHP may automatically slash incoming variables.
Bogdan Mike Fifield wrote: > This is a query that I am sending to mysql. The problem is that sometimes in > the variable "$message" characters like ")" will get posted and when they do > it makes mysql die. I can only assume that mysql thinks that the ")" in the > $message variable is meant to close the sql query, but I am having trouble > figuring out how to avoid this. I suppose I could use a regex to replace all > special characters with something more sql friendly but I am hoping there is > a better way to do this. Thanks for any help. > > > > mysql_query("insert into guestbook > (gb_entry_id,date,name,email,website_name,website_url,message) values > ('',CURDATE(),'$name','$email','$website_name','$website_url','$message')") > or die (mysql_error()); > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php