Hi,
I get catalogue information from my distributer via an xml feed.
I have parsed the DOM and stripped out all the info I need.
The variable $description_full contains the products full description in html form.
The problem I have is when I execute the query:
$query = sprintf("INSERT INTO products_description (products_name, products_description)
VALUES ('$description_title', '$description_full')");
if $description_full has " (double quotes) or ' (single quote) the query fails.
How can I escape these characters?
I've trided:
\"$description_full\"
$description_full = str_replace("'", "''", $description_full); (replaces single ' with two single quotes '')
$description_full = str_replace("'", "", $description_full); (remove single ' this resulted in an empty query)
and a bunch of other things.
I'm not sure how I can insert the description into the database...
Thanks in advance.
Chuck
Thread: sql insert query help
Results 1 to 2 of 2
-
27 Jul 2011, 06:23 PM #1
New Zenner
- Join Date
- Apr 2011
- Posts
- 4
- Plugin Contributions
- 0
sql insert query help
-
27 Jul 2011, 09:59 PM #2
New Zenner
- Join Date
- Apr 2006
- Posts
- 16
- Plugin Contributions
- 0
Re: sql insert query help
You need to escape the string. Either of these PHP functions should do the trick:
$description_title = mysql_real_escape_string($description_title);
Reply With QuoteSimilar Threads
-
v154 Help with a SQL Query for Query Builder
By lindasdd in forum Managing Customers and OrdersReplies: 2Last Post: 24 Mar 2016, 01:18 PM -
SQL query help
By petek in forum General QuestionsReplies: 6Last Post: 23 May 2010, 10:57 AM -
How to insert products by SQL query?
By zildjian in forum Setting Up Categories, Products, AttributesReplies: 6Last Post: 28 Feb 2009, 12:47 AM -
Help with a sql query
By batteryman in forum General QuestionsReplies: 21Last Post: 3 Oct 2008, 11:12 PM
