[nycphp-talk] can't populate db table with csv - I can't believethis!
Phil Powell
soazine at erols.com
Wed Sep 10 22:22:56 EDT 2003
Um, I don't understand. Every single thing should be encased in '' and is
escaped with mysql_escape_string(). I know the basics of SQL too. I just
can't do this bit of code!
Phil
----- Original Message -----
From: "Hans Zaunere" <hans at nyphp.org>
To: "NYPHP Talk" <talk at lists.nyphp.org>
Sent: Wednesday, September 10, 2003 8:22 PM
Subject: Re: [nycphp-talk] can't populate db table with csv - I can't
believethis!
>
> Phil,
>
> > Go to http://www.nordicnet.no/admin/alle_produkter.php and you can see
> > the damage!
>
> You need to learn some basics of working with SQL. In MySQL, Oracle,
PostgreSQL, and just about everything else, values should always be enclosed
in single quotes [1].
>
> With the SQL you show above, none of the values are enclosed in single
quotes, and since one of the values contains a single quote itself, it gives
an error. You'll also need to use mysql_escape_string() for every value you
create a SQL statement from; this escapes special chars that SQL will
interpret as having meaning. See http://php.net/mysql_escape_string
>
> > Otherwise, I'm going to have to send the code to you guys, along with
> > the .csv file and maybe you can do what I cannot. I might as well quit
> > this project!
>
> I think you might have to move to a pay-per-incident support plan :)
>
> But this is a simple problem to resolve; you should have no problem with
it.
>
> H
>
> [1] For the purposes of this discussion
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
More information about the talk
mailing list