CODEWITHSUNDEEP
phpmysqlloops
Loztaz
Loztaz

Reputation: 35

Save file_get_contents in database

I want to save 10.000 pages in my site's database.

When I run the file, this error occurs for every page.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_trackPageLoadTime']);(function() {var ga = document.createElement("script"); ga' at line 1

I think there are some characters that are causing the error.

savedb.php

<?php 
include "conexao.php";

for ($nr=1; $nr<=10000; $nr++){
    $url = "http://www.site.com/u$nr";
    $html = file_get_contents($url);

    set_time_limit(120);

    $tabela_bd = "paginas";

    $sql = mysql_query("INSERT INTO $tabela_bd(html) VALUES('$html')");
    if ($sql) {echo "Cadastrado com sucesso!!";
} else {
echo "Falha ao cadastrar.".mysql_error();
}

}

?>

@edit Solved my problem with characters, but now some tables are being saved without content.

Upvotes: 0

Views: 4768

Answers (5)

user20232359723568423357842364
user20232359723568423357842364

Reputation: 4634

You should use mysql_real_escape_string in your situation as demonstrated below. 

<?php 
include "conexao.php";

for ($nr=1; $nr<=10000; $nr++){
    $url = "http://www.power-pixel.net/u$nr";
    $html = file_get_contents($url);

    // escape the string
    $html = mysql_real_escape_string($html);

    set_time_limit(120);

    $tabela_bd = "paginas";

    $sql = mysql_query("INSERT INTO $tabela_bd(html) VALUES('$html')");
    if ($sql) {
      echo "Cadastrado com sucesso!!";

    } else {
      echo "Falha ao cadastrar.".mysql_error();
    }

}

?>

Upvotes: 0

leftclickben
leftclickben

Reputation: 4614

Don't use the deprecated mysql_* functions. Use the mysqli_* functions instead.

Even better, use an abstraction library such as PDO, which supports the use of placeholders. This automatically applies escaping as required. See:

http://php.net/manual/en/book.pdo.php

Examples of use of placeholders:

http://www.php.net/manual/en/pdo.prepare.php

In your case, maybe this:

$stmt = $pdo->prepare("insert into $tabela_bd( html ) values ( :html )");
$stmt->bindValue('html', $html);
$stmt->execute();

Upvotes: 3

Achrome
Achrome

Reputation: 7821

Your files seem to have escape characters in them like \ or ;. What you would need to do is to make sure that these characters don't interfere with the query.

Use this

$html = mysql_real_escape_string($html);
$sql = mysql_query("INSERT INTO $tabela_bd(html) VALUES('$html')");

Upvotes: 1

Tobias
Tobias

Reputation: 1682

You need to escape your $html variable:

$sql = mysql_query("INSERT INTO $tabela_bd(html) VALUES('" . mysql_real_escape_string($html) . "')");

Upvotes: 0

Cjueden
Cjueden

Reputation: 1200

You're not escaping the special characters in the html. Try mysql_escape or something of the like.

Upvotes: 0

Related Questions