user547995

Reputation: 2085

mysql real escape string error

Code:

mysql_query("INSERT INTO Account(User,
Pw, email)
VALUES('mysql_real_escape_string($_POST[user])',
'$pw','mysql_real_escape_string($_POST[email])
) ")  or die(mysql_error());

Error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''mysql_real_escape_string(123) )' at line 1

Please help

Upvotes: 0

Views: 1627

Answers (2)

Your Common Sense

Reputation: 157870

Do not stuff all your code into one line.
You don't have to pay for each additional operator. Write distinctly.

$user  = mysql_real_escape_string($_POST['user']);
$email = mysql_real_escape_string($_POST['email']);
$pw    = mysql_real_escape_string($pw);

$query = "INSERT INTO Account(User,Pw, email) VALUES ('$user','$pw','$email')";
mysql_query($query) or trigger_error(mysql_error().$query);

Upvotes: 0

John Coates

Reputation: 476

The problem is that you're quoting a PHP command, so it never gets passed to PHP.

Try this:

mysql_query("INSERT INTO Account(User, Pw, email) VALUES('".mysql_real_escape_string($_POST[user])."', '$pw','".mysql_real_escape_string($_POST[email])."' ) ") or die(mysql_error());

But your $_POST[user] calls might also fail if user isn't a defined constant, so maybe try this:

mysql_query("INSERT INTO Account(User, Pw, email) VALUES('".mysql_real_escape_string($_POST['user'])."', '$pw','".mysql_real_escape_string($_POST['email'])."' ) ") or die(mysql_error());

Upvotes: 3
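
Added example, not part of either answer: the first part prints the string that the question's style of quoting actually builds (PHP interpolates variables inside double quotes but never calls functions there), and the second part inserts the same values with bound parameters. It assumes PDO with an in-memory SQLite database in place of the mysql_* extension (removed in PHP 7.0); the `$post` array, the `$pw` value and the `insert_account()` helper are constructed for illustration.

```php
<?php
// Added example: constructed input and an in-memory SQLite database, so it
// runs offline (requires the pdo_sqlite extension). Table and column names
// follow the question.

$post = ['user' => "o'brien", 'email' => "o'brien@example.test"]; // constructed stand-in for $_POST
$pw   = 'placeholder-hash'; // assumption: $pw already holds a password hash

// 1. What the question's quoting produces. Inside double quotes PHP expands
//    $post[user] to the array element, but the function name stays literal text.
$broken = "VALUES('mysql_real_escape_string($post[user])', '$pw')";
echo $broken, "\n";
// The server receives the function name as part of the string, and the
// apostrophe in the value ends the SQL string literal early.

// 2. Bound parameters: the values travel separately from the SQL text, so no
//    escaping function has to be called at all.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Account (User TEXT, Pw TEXT, email TEXT)');

function insert_account(PDO $db, string $user, string $pw, string $email): void
{
    $stmt = $db->prepare(
        'INSERT INTO Account (User, Pw, email) VALUES (:user, :pw, :email)'
    );
    $stmt->execute([':user' => $user, ':pw' => $pw, ':email' => $email]);
}

insert_account($db, $post['user'], $pw, $post['email']);

// The value with the apostrophe is stored unchanged.
$row = $db->query('SELECT User, email FROM Account')->fetch(PDO::FETCH_ASSOC);
var_dump($row['User'] === $post['user']);
```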
