ERROR: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '? âõ&ôãTµ¼‹£ú1¾ÉdêÈq„ P1o²]þák%þaüêád ÐÞ"›’X´DÛ†ñÊ®Ñ

I get this error on occassion. I'm assuming its because of the data I am trying to insert into the database. Basically I am encrypting credit card numbers through OpenSSL. Sometimes it fails, sometimes it works. I think this is because the encrypted string may contain a "'". I'd post the code, but the code seems fine, it has to be a problem that arises from some character in the encrypted string.

Any idea how to fix it so that it doesn't matter what data is in the string?

Here is the SQL statement:

mysql_query("INSERT INTO eusers (e_id, e_uid, e_uname, e_pass, e_cname, e_fname, e_lname, e_address, e_city, e_state, e_zip, e_country, e_phone, e_fax, e_email, e_ccno, e_ccexp, e_cvv2, e_amount, e_receipt, e_term, e_notes, e_startdate, e_processor, e_active)
		VALUES ('','$_SESSION[sess_id]','','','$cname','$fname','$lname','$address', '$city', '$state', '$zip', '$country', '$phone', '$fax', '$email', '$encccno', '$ccexp', '$cvv2', '$amount', '$receipt', '$term', '$notes', '$startdate', '$processor', 'true')") or die("ERROR: " . mysql_error());

Sample error:

ERROR: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '? âõ&ôãTµ¼‹£ú1¾ÉdêÈq„ P1o²]þák%þaüêád ÐÞ"›’X´DÛ†ñÊ®Ñ

The variable $encccno is the encrypted credit card number using OpenSSL

Thanks guys!

Paul