It's not the ")" characters, it's the quotes - make sure you 
addslashes() to all the variables. Also make sure you don't double-slash 
- depending on your php.ini settings, PHP may automatically slash 
incoming variables.


Mike Fifield wrote:
> This is a query that I am sending to mysql. The problem is that sometimes in
> the variable "$message" characters like ")" will get posted and when they do
> it makes mysql die. I can only assume that mysql thinks that the ")" in the
> $message variable is meant to close the sql query, but I am having trouble
> figuring out how to avoid this. I suppose I could use a regex to replace all
> special characters with something more sql friendly but I am hoping there is
> a better way to do this. Thanks for any help.      
> mysql_query("insert into guestbook
> (gb_entry_id,date,name,email,website_name,website_url,message) values
> ('',CURDATE(),'$name','$email','$website_name','$website_url','$message')")
> or die (mysql_error());

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to