The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
SQL ERROR 1064 - Think it is a single quote error
Hi Guys,
I was hoping someone out there can help me out with this sql error I am having. I am thinking it has something to do with " ' " single quotes. In the code a user can input text into a text box. The data stored in this text box is assigned to a string variable,which is stored in the database via an sql statement. The code works fine until a " ' " is used in the text box. Here is the error: Code:
Database error in vBulletin 3.0.4: Invalid SQL: INSERT INTO thread(title, lastpost, forumid, open, replycount, postusername, postuserid, lastposter, dateline, iconid, visible, attach) VALUES ('[Sell] ADMS 2320 : Statistics for Man't and Econ Edition:6 Keller ISBN: 0-534-39186-9 $80 ', 1135971661, 70, 1, 0, 'ssrashid', 1383, 'ssrashid', 1135971661, 0, 1, 0) mysql error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 't and Econ Edition:6 Keller ISBN: 0-534-39186-9 $80 ', 11359 mysql error number: 1064 is there a try catch routine with php? |
#2
|
|||
|
|||
Is this from a custom script you made or from vbulletin itself?
|
#3
|
|||
|
|||
it is from an Erwin Form to Post hack.
|
#4
|
|||
|
|||
Escape quotes in all strings you use in the query. addslashes works but vB's MySQL class also has a method to do it.
|
#5
|
|||
|
|||
vB's class uses:
PHP Code:
|
#6
|
||||
|
||||
Does that exist in 3.0 ?
|
#7
|
|||
|
|||
Nope, it was implemented with 3.5.
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|