Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 01-04-2006, 11:12 AM
alqadir alqadir is offline
 
Join Date: Aug 2004
Posts: 36
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default SQL ERROR 1064 - Think it is a single quote error

Hi Guys,
I was hoping someone out there can help me out with this sql error I am having. I am thinking it has something to do with " ' " single quotes. In the code a user can input text into a text box. The data stored in this text box is assigned to a string variable,which is stored in the database via an sql statement. The code works fine until a " ' " is used in the text box.

Here is the error:

Code:
Database error in vBulletin 3.0.4:

Invalid SQL: 
                                INSERT INTO thread(title, lastpost, forumid, open, replycount,
                                postusername, postuserid, lastposter, dateline, iconid, visible, attach)
                                VALUES
                                        ('[Sell]  ADMS 2320 : Statistics for Man't and Econ Edition:6 Keller  ISBN: 0-534-39186-9   $80 ', 1135971661, 70,
                                         1, 0, 'ssrashid', 1383,
                                         'ssrashid', 1135971661, 0, 1,
                                         0)
                        
mysql error: You have an error in your SQL syntax.  Check the manual that corresponds to your MySQL server version for the right syntax to use near 't and Econ Edition:6 Keller  ISBN: 0-534-39186-9   $80 ', 11359

mysql error number: 1064
one solution might be to search the string for the invalid character.
is there a try catch routine with php?
Reply With Quote
  #2  
Old 01-04-2006, 12:12 PM
harmor19 harmor19 is offline
 
Join Date: Apr 2005
Posts: 1,324
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is this from a custom script you made or from vbulletin itself?
Reply With Quote
  #3  
Old 01-07-2006, 11:29 AM
alqadir alqadir is offline
 
Join Date: Aug 2004
Posts: 36
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it is from an Erwin Form to Post hack.
Reply With Quote
  #4  
Old 01-07-2006, 03:32 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Escape quotes in all strings you use in the query. addslashes works but vB's MySQL class also has a method to do it.
Reply With Quote
  #5  
Old 01-07-2006, 03:36 PM
Guest190829
Guest
 
Posts: n/a
Default

vB's class uses:

PHP Code:
$db->escape_string($foo
Reply With Quote
  #6  
Old 01-07-2006, 03:39 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Does that exist in 3.0 ?
Reply With Quote
  #7  
Old 01-07-2006, 03:41 PM
Guest190829
Guest
 
Posts: n/a
Default

Nope, it was implemented with 3.5.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:26 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05903 seconds
  • Memory Usage 2,210KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (1)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (5)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete