Reputation: 1200
MySQL is giving a 1064 on an escaped string.
$date is set above.
$article_clean = mysqli_real_escape_string($dbc,$article);
$guid_clean= mysqli_real_escape_string($dbc,$guid_clean);
$pub_date_clean = mysqli_real_escape_string($dbc,$pub_date);
$title_clean = mysqli_real_escape_string($dbc,$title);
$query = "INSERT INTO blog_post (date,article,link,pub_date,title) VALUES ('$date',$article_clean','$guid_clean','$pub_date_clean','$title_clean')";
mysqli_query($dbc, $query);
Why?
Upvotes: 0
Views: 320
Reputation: 882386
$query = "INSERT INTO blog_post (blah blah) VALUES ('$date',$article_clean', ...)";
^
You have no opening quote for this argument. You need to add one.
On top of that, this statement looks suspicious:
$guid_clean = mysqli_real_escape_string ($dbc, $guid_clean);
All the others act on the "unclean" version to produce the clean one. Unless you've already set guid_clean
somehow, it probably should be:
$guid_clean = mysqli_real_escape_string ($dbc, $guid);
As I say, that's not necessarily the case but I'd check it to make sure.
Upvotes: 1
Reputation: 8639
You have missed a single quote, Rewrite your query line with this one:-
$query = "INSERT INTO blog_post (date,article,link,pub_date,title) VALUES ('$date','$article_clean','$guid_clean','$pub_date_clean','$title_clean')";
Upvotes: 1