Hi all,
perhaps an obvious problem, I use php/mysql to insert form field data into a mysql db for content management, everything was fine using php4, then the hosting server was upgraded to php5 and this problem was born, the insert script worked fine, allowed any text inputed.
Now, when a user places text into a field which includes an apostrophy (i.e. test's) the submission results in a mysql error declaring too many (')s.
This is only happening with 'INSERT' if I use 'UPDATE/SET' then I do not have any problems, but obviously I need the 'INSERT' syntax to create new entries in the table.
A snippet of the script I am using is:
PHP Code:
<?php .....dbconnect....etc ?>
<?php
$_POST['Info_Box2_txt'];
$_POST['Info_Box3_txt'];
?>
........
<?
php $sql = mysql_query("INSERT INTO tbl_product
(Info_Box2_txt, Info_Box3_txt) VALUES ('$Info_Box2_txt', '$Info_Box3_txt')") or die(mysql_error());
?>
........
Any thoughts?
Do I need to separate using periods (.) or quotes (") rather than apostrophies?
Why does this problem not exist when using 'UPDATE/SET'?
Regards
Brian