I'm trying to insert some data in the db, but the below query inserts it with parentheses. Any other combination I try, even taking off all parentheses just results in a query error. What am I doing wrong?


$db->query_read("INSERT INTO picks_groups (group_title) VALUES ('$db->escape_string($event_name)')");

To call a function you need to break out of the double quotes like so,

$db->query_read("
INSERT INTO picks_groups
(group_title)
VALUES (
'" . $db->escape_string($event_name) . "'
)
");Used " to close the string, and then . (concat operator) to join it with the next section which calls the escape function, and then . and " again to go back to double quoted string mode.

Another (easier to read / write for some, but not necessarily better) method is this:$escaped = $db->escape_string($event_name);

$db->query_read("
INSERT INTO picks_groups
(group_title)
VALUES (
'$escaped'
)
");

Thanks, what is the proper way to clean an array inside $_POST? So, $_POST['outcome'][]

$vbulletin->input->clean_gpc('p', 'outcome', TYPE_ARRAY_UINT);
The last bit of the type (UINT) can be any of the others, eg. STR, NUM and FILE.

$db->query_read("INSERT INTO..... INSERT is a write statement, you should not use query_read() ;)

lol good catch

Hehe, i was a bit surprised you did not catch that one, and even copied it to your improved code. :D

Thanks, I had caught that yesterday after reading through some of the vBulletin developer tools material. Thanks for that answer Dismounted.