This question already has answers here:
How to insert utf-8 mb4 character(emoji in ios5) in mysql?
(2 answers)
Closed 6 years ago.
So I use the following line of code to insert a chat message into my MySQL database:
$this->db->query("INSERT INTO group_messages (group_message_text,group_message_group_id,group_message_user_id) VALUES ('$message','$group_id','$user_id');");
This works great until the users tries to use characters like ' or emoji's. How do I handle that properly?
To store emoji's in your database you have to store it in utf8mb4. See this answer.
You should also escape your text bevor storing it into the database. See this answer as well.
Might be the Syntax error:
Please try using
$this->db->query("INSERT INTO group_messages (group_message_text,group_message_group_id,group_message_user_id) VALUES ('".$message."','".$group_id."','".$user_id."');");
Hope this will help :)
Related
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 5 years ago.
Maybe a silly question, but I'm really struggling.
I've created a MySQL Database and Table and am trying to push data into it. The data in question is a unique ID and a load of Javascript.
Code is simple:
$sql = "INSERT INTO TableName (id, code)
VALUES ('$uniqueid', '$codeoutput')";
However, whilst I can get the ID in there, I can't get the DB to accept the Javascript (which is currently stored in the variable $codeoutput.
I get the error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax
I'm not that familiar with using MySQL, and I have played around with different data types in PhpMyAdmin, but sadly still no luck.
What am I doing wrong? Do I need to have a very specific setup on the column where I'm storing the code? I'm currently trying to store it as medium text.
Is it something to do with needing to escape special characters? Is there an easy solution to this?
simplest way to do it is
$sql = "INSERT INTO TableName ($uniqueid) VALUES ('id')";
$sql2 = "INSERT INTO TableName ($codeoutput) VALUES ('code')";
This question already has answers here:
How do I get the last inserted ID of a MySQL table in PHP?
(16 answers)
Closed 6 years ago.
I tried to find an answer on here already, as well as read the PHP doc on it, however it doesn't explain it very well.
I'm just trying to get the last ID inserted by the user. I know MYSQL is deprecated, but I need to do it this way.
This is what I have so far.
$query="INSERT INTO teams (team_name)
VALUES
('$team_name')";
mysql_query($query) or die('error');
$team_id = mysql_query("SELECT LAST_INSERT_ID()");
Thanks!
Take a look at mysql_insert_id
But beware of the issues when using ON DUPLICATE KEY UPDATE statements. It is described in the comments on the php doc page.
But your solution should work, too.
Also, if you're using mysql, don't forget to mysql_real_escape your input, $team_name in your case.
[insert obligatory mysql is deprecated warning here ;)]
You can do it by PHP. You don't need a query: mysql_insert_id()
This question already has answers here:
UTF-8 all the way through
(13 answers)
Closed 9 years ago.
I have a problem with inserting proper data into my DB with php...
I am trying insert some data with this code:
$query1 = "insert into `exercises`(`exercise_name`) values ('".$txtEName."');";
$query2 = "insert into `exercises_type`(`type_name`) values ('".$txtEType."');";
mysqli_query($connnect, $query1);
mysqli_query($connnect, $query2);
all data is russian text... all data is saving into the DB, but, in DB it looks like
so what I am doing wrong?
You can check for correct charset/collation. As this may help you to insert correct data in you table. also you can use character encoding for values your are getting by $_POST.
This link may help you
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Best way to stop SQL Injection in PHP
I am trying to insert ' sign and " in a mysql table using php. But the content has this two signs I get a mysql error.
$comment="I like '''' it so ""much"" Jaan";
mysql_query("INSERT INTO `comments` (`id` ,`name` ,`date` ,`comment`) VALUES ('', '$name', '$date', '$comment')");
above one is an example. Whenever an user insert ' or " in his comment the problem begins. I know about mysql_real_escape_string() but i dont want to use this. Bcz My comments are already filtered. Please tell me how I can Insert comment with those syntax. every suggestions are welcome.
Escape every string variable with mysql_real_escape_string().
This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
Ok I have been using PHP + MySQL for a while so I consider myself proficient. I have made my fair share of syntactical mistakes in the past but this is honestly pissing me off:
http://img251.imageshack.us/img251/3760/fubar.png
If anyone can tell me why this simple statement isn't working I would be greatly appreciative.
Actually I do see 1 error..."Option" is a reserved word. wrap it in backtics : `Option` or better yet, change the column name to something that's not a reserved word.
Use backticks for 'option'.
INSERT INTO poll (`Option`) VALUES ('Stuff')
Looking at the code you're trying to insert what comes from $_POST['survey'], so your insert should look like this:
$vote = $_POST['survey'];
// connect to db
mysql_query(sprintf(
"INSERT INTO poll (`Option`) VALUES ('%s')",
mysql_real_escape_string($vote)
);
Also note that "option" is a reserved keyword and needs to be inside backticks.