Hi
I have same problem, but with form.
When i try to put file and some information to db, it won't work couse of the quotes.
Here is the script, hope that you can help me.
So if any form field contains ' , it won't go to db.. HELP me...
<?php
if ($submit) {
MYSQL_CONNECT("localhost","user","password");
mysql_select_db("database");
$data = addslashes(fread(fopen($form_data, "rb"), filesize($form_data)));
$result=MYSQL_QUERY("INSERT INTO table (name,sheet,filename,filesize,filetype,koreo,feel,counts,des) ".
"VALUES ('$form_name','$data','$form_data_name','$form_data_size','$form_data_type','$koreo','$feel','$counts','$des'$
$id= mysql_insert_id();
print "<p>This file has the following Database ID: <b>$id</b>";
MYSQL_CLOSE();
} else {
// else show the form to submit new data:
?>
<form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data">
name:<br>
<input type="text" name="form_name" size="40"><br>
Koreo:<br>
<input type="Text" name="koreo"><br>
feel:<br>
<input type="text" size=40 name="feel"><br>
counts:<br>
<input type="Text" name="counts" size="4"><br>
des:<br>
<input type="Text" name="des"><br>
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="24000000">
<br>file:<br>
<input type="file" name="form_data" size="40"><br>
<p><input type="submit" name="submit" value="submit">
</form>
<?php
}
?>
