Hi
I take data from a html form to inseert to mysql, sometimes that data has single and double quotes in it. How do you get the quotes to be part of the string so i can add to mysql.
Hers what I have, but this still gives me a sql error.
if (!empty($_REQUEST['atitle'])){
$title = $_REQUEST['atitle'];
}
else{
$title = NULL;
}
if (!empty($_REQUEST['acontent'])){
$content = $_REQUEST['acontent'];
}
else{
$content = NULL;
echo "<span class='text'><p>Enter content for the News Item</p></span>";
}
if ($title && $content){
$query = "INSERT INTO projects VALUES (NULL, '"mysql_real_escape_string($atitle)"', '"mysql_real_escape_string($acontent)"', '$remote_file', '$remote_file1', '$remote_file2')";
$result = mysql_query($query);
if(!$result){
$error = 'An error occured: '. mysql_error().'<br />';
$error.= 'Query was: '.$query;
echo $error;
die($message);
}
Thanks for looking..................