It's not the ")" characters, it's the quotes - make sure you
addslashes() to all the variables. Also make sure you don't double-slash
- depending on your php.ini settings, PHP may automatically slash
incoming variables.
Bogdan
Mike Fifield wrote:
> This is a query that I am sending to mysql. The problem is that sometimes in
> the variable "$message" characters like ")" will get posted and when they do
> it makes mysql die. I can only assume that mysql thinks that the ")" in the
> $message variable is meant to close the sql query, but I am having trouble
> figuring out how to avoid this. I suppose I could use a regex to replace all
> special characters with something more sql friendly but I am hoping there is
> a better way to do this. Thanks for any help.
>
>
>
> mysql_query("insert into guestbook
> (gb_entry_id,date,name,email,website_name,website_url,message) values
> ('',CURDATE(),'$name','$email','$website_name','$website_url','$message')")
> or die (mysql_error());
>
>
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
