On Thu, 3 Apr 2003, Craig wrote:
> Hey all,
>
> Im hoping someone can shed some light on this for me:
>
> Im running PHP 4.31 on RH Advanced Server 2.1
>
> I am connecting, to M$SQL Server 2000 using FreeTDS -- with Sybase support,
> and Im stumped on 1 thing:
>
> CODE:
> ============================================================================
> ====================
> <?php
>
> $ccode = $_POST['ccode'];
> $cname = $_POST['cname'];
> $cstreet = $_POST['cstreet'];
>
> include("includes/connect.php");
> $iqry_clients = mssql_query("INSERT INTO Clients
> (client_code,client_name,client_street) VALUES
> ('$ccode','$cname','$cstreet')");
>
> mssql_close($conn);
>
> ?>
> ============================================================================
> ====================
>
> The above code works fine, except when one of the fields e.g client_name -
> Has a quoted string or an apostrophe in it, it just spews the following
> error:
>
> Warning: Sybase error: Line 1: Incorrect syntax near 's'. (severity 15) in
> /var/www/html/clients/pages/add_client.php on line 17
>
> Has anyone experienced this, and if so know of a possible solution?? I have
> used addslashes() etc but still no joy.
>
> Thanks in advance.
>
> Craig
I think you should pass the values through AddSlashes function:
include("includes/connect.php");
$ccode = AddSlashes($ccode);
$cname = AddSlashes($cname);
$cstreet = AddSlashes($cstreet);
$iqry_clients = mssql_query("INSERT INTO Clients
(client_code,client_name,client_street) VALUES
('$ccode','$cname','$cstreet')");
Cheers,
--
--Jyry
:-( C:-/ C========8-O C8-/ C:-(
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
