SitePoint Sponsor

User Tag List

Results 1 to 25 of 25
  1. #1
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to put parentheses in MySQL?

    I have a mysql query like:

    PHP Code:
    $where "INSERT INTO news
        (author, date, newstitle, newstext, category) VALUES (
        'Sample',
        'NOW()',
        'Where am I?',
        'I was built in a small town, that is called, Dongola. By someone who goes by the name of Ja (imagine a y at the end of that, and you'll know how to pronounce it). His real name is Jacob, and he works for a familly owned computer store named, C & S Consulting. Ja, was 15 years old when this part here was typed, but 16 days after that, he would turn 16. I know, I know, the section was titled "Where am I?" but I got carried away, and most of this should have been in the "About" section, but what I put there, had nothing to do with "About" but I put it there anyway.',
        'index'
        )"

    I've tried changing the ('s and )'s to ( and ) but when I load the page, the html codes get changed back to ('s and )'s and then tried to be put into the database... this is causing problems, because mysql thinks its done, and doesn't know what to do with the rest of it, so I get a big nasty error...
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  2. #2
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,806
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    look up mysql_escape_string()
    also you dont need quotes around NOW() as it is a mysql term.

    Cheers

    SpikeZ
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  3. #3
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Does NOW have to be in quotes?
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  4. #4
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,806
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    Nope.
    It's part of mysql's functions.
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  5. #5
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok so for mysql_escape_string I need:

    mysql_escape_string($where = "INSERT INTO news
    (author, date, newstitle, newstext, category) VALUES (
    'Sample',
    NOW,
    'Where am I?',
    'I was built in a small town, that is called, Dongola. By someone who goes by the name of Ja (imagine a y at the end of that, and you'll know how to pronounce it). His real name is Jacob, and he works for a familly owned computer store named, C & S Consulting. Ja, was 15 years old when this part here was typed, but 16 days after that, he would turn 16. I know, I know, the section was titled "Where am I?" but I got carried away, and most of this should have been in the "About" section, but what I put there, had nothing to do with "About" but I put it there anyway.',
    'index'
    )");

    instead of my old one?

    or do I need to make another variable:

    $where_escaped = "mysql_escape_string($where)";

    and then mysql_query($where_escaped)

    ?
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  6. #6
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,806
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    make another variable...
    $where_escaped = "mysql_escape_string($where)";

    and then mysql_query($where_escaped)
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  7. #7
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    owch, now I get a bunch of errors similar to this:

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'mysql_escape_string(INSERT INTO news
    (author, date, newstitle, newstext, catego' at line 1
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  8. #8
    SitePoint Evangelist klik's Avatar
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    547
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why is mysql_escape_string directly before the sql statement?

    Make new variables from this function, and then use the standard procedure of updating the database.

  9. #9
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    My code is:

    PHP Code:
    $what "INSERT INTO news
        (author, date, newstitle, newstext, category) 
        VALUES ( 
        'Sample', 
        NOW, 
        'What to do next...',
        'Well I\'m assuming you\'re the admin, so if you are, incase you haven\'t noticed... Your site is pretty uhmmm bland? If you want to fix that, go back to the documentation I\'m sure you followed to get this far, and go to the next section. That should teach you how to delete me, or change me. And the section after that, teaches you how to make me \'pretty\'.</p><p>Also, if you ever get to a point where you just can\'t go any farther, or don\'t feel like learning this, you can always contact me...contact information provided at <a href=\'http://www.jabird.com\'>my website</a>, and I would gladly give you a quote, or do it for free, depending on the complexity of it.', 'index')"
    ;
    $what_escaped "mysql_escape_string($what)";
    if(
    mysql_query($what_escaped)) {
        echo(
    "The 'What to do next...' entry was successfull!<br />");
    } else {
        echo(
    "For some reason we could not enter the 'What to do next...' entry to the database.<br />The error we received was:<br /><textarea cols='40' rows='5'>".mysql_error()."</textarea><br /><br />");
        
    $whatfail "DELETE FROM news";

    I think its basically including the $where varialbe into the $where_escaped variable, and stripping the wrong ('s and )'s...
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  10. #10
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is DATE a reserved MySQL word?

  11. #11
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,806
    Mentioned
    158 Post(s)
    Tagged
    3 Thread(s)
    Quote Originally Posted by Dylan B
    Is DATE a reserved MySQL word?
    Yep, spot on Dylan_B. You would be advised to change it to something like date_added....

    PHP Code:
    $what "INSERT INTO news 
        (author, date, newstitle, newstext, category) 
        VALUES ( 
        'Sample', 
        NOW, 
        'What to do next...', 
        'Well I\'m assuming you\'re the admin, so if you are, incase you haven\'t noticed... Your site is pretty uhmmm bland? If you want to fix that, go back to the documentation I\'m sure you followed to get this far, and go to the next section. That should teach you how to delete me, or change me. And the section after that, teaches you how to make me \'pretty\'.</p><p>Also, if you ever get to a point where you just can\'t go any farther, or don\'t feel like learning this, you can always contact me...contact information provided at <a href=\'http://www.jabird.com\'>my website</a>, and I would gladly give you a quote, or do it for free, depending on the complexity of it.', 'index')"

    $what_escaped mysql_escape_string($what); 
    if(
    mysql_query($what_escaped)) { 
        echo(
    "The 'What to do next...' entry was successfull!<br />"); 
    } else { 
        echo(
    "For some reason we could not enter the 'What to do next...' entry to the database.<br />The error we received was:<br /><textarea cols='40' rows='5'>".mysql_error()."</textarea><br /><br />"); 
        
    $whatfail "DELETE FROM news"

    mysql_escape_string is a function and therefore doesn't need quotes.

    Mike
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  12. #12
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now I get:

    Code:
     You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\n	(author, date, newstitle, newstext, category)\n	VALUES (\n	\'Sample\' at line 1
    is perhaps mysql_escape_string perhaps escaping too much?
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  13. #13
    SitePoint Evangelist klik's Avatar
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    547
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You haven't changed date to date_added...

  14. #14
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why would I?

    in MySQL the row name is date...
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  15. #15
    SitePoint Evangelist klik's Avatar
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    547
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Didn't you read Dylan's post?

    It is a mysql reserve word. You'll have to change the date column name to date_added as suggested by Spikez.

  16. #16
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ah, sorry about that =\

    I changed that though, now I get:

    Code:
     You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\n	(author, date_added, newstitle, newstext, category) VALUES (\n	\'Sample' at line 1
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  17. #17
    SitePoint Evangelist klik's Avatar
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    547
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Paste your current code into here, for the query.

  18. #18
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
      $what "INSERT INTO news
         (author, date_added, newstitle, newstext, category)
         VALUES (
         'Sample',
         NOW,
         'What to do next...',
         'Well I\'m assuming you\'re the admin, so if you are, incase you haven\'t noticed... Your site is pretty uhmmm bland? If you want to fix that, go back to the documentation I\'m sure you followed to get this far, and go to the next section. That should teach you how to delete me, or change me. And the section after that, teaches you how to make me \'pretty\'.</p><p>Also, if you ever get to a point where you just can\'t go any farther, or don\'t feel like learning this, you can always contact me...contact information provided at <a href=\'http://www.jabird.com\'>my website</a>, and I would gladly give you a quote, or do it for free, depending on the complexity of it.', 'index')"
    ;
     
    $what_escaped mysql_escape_string($what);
     if(
    mysql_query($what_escaped)) {
         echo(
    "The 'What to do next...' entry was successfull!<br />");
     } else {
         echo(
    "For some reason we could not enter the 'What to do next...' entry to the database.<br />The error we received was:<br /><textarea cols='40' rows='5'>".mysql_error()."</textarea><br /><br />");
         
    $whatfail "DELETE FROM news";
     } 
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  19. #19
    SitePoint Zealot
    Join Date
    May 2005
    Location
    Birmingham UK
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Isn't NOW meant to have a set of brackets after it, like NOW() ?
    Contact: opserty@gmail.com
    Register your portfolio at: http://portfoliodb.net

  20. #20
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nope, I was told to remove them..
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  21. #21
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are there any errors in there? I still think the mysql_escape_string is escaping EVERYTHING not just the stuff I want escaped...
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  22. #22
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This would be a huge pain, but I was thinking something like:

    PHP Code:
     $author 'Sample';
     
    $title 'What to do next...';
     
    $content 'Content (here)';
     
    $contentescaped mysql_escape_string($content);
     
    $category 'index';
     
    $what "INSERT INTO news
         (author, date_added, newstitle, newstext, category)
         VALUES (
         '
    $author',
         NOW,
         '
    $title',
         '
    $contentescaped',
         '
    $category')"
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  23. #23
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I fixed it... I feel dumb now
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  24. #24
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jabird
    I fixed it... I feel dumb now
    What was the error?

  25. #25
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I just changed the query from my old one to:

    PHP Code:
     $what "INSERT INTO news SET
         author = 'Sample',
         date_added = NOW(),
         newstitle = 'What to do next...',
         newstext = 'Well I\'m assuming you\'re the admin, so if you are, incase you haven\'t noticed... Your site is pretty uhmmm bland? If you want to fix that, go back to the documentation I\'m sure you followed to get this far, and go to the next section. That should teach you how to delete me, or change me. And the section after that, teaches you how to make me \'pretty\'.</p><p>Also, if you ever get to a point where you just can\'t go any farther, or don\'t feel like learning this, you can always contact me...contact information provided at <a href=\'http://www.jabird.com\'>my website</a>, and I would gladly give you a quote, or do it for free, depending on the complexity of it.', 
         category = 'index'
         "

    Thus eliminating the ('s and )'s from screwing with my query...
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •