Problem Updating Database

bailo81

Having major problems with this code, it just keeps giving me the error

Invalid query: You have an error in your SQL syntax near '5' ' at line 4

<?php
include "dbconnector.php"; 
$title = stripslashes($_POST['title']);
$text = stripslashes($_POST['text']);
$id = $_GET['id'];

 $sql = "UPDATE
                       bluebird_news
                    SET
                       news_title = '$title',
           news_text = '$text'
                    WHERE
                       news_id = '$id' ";

   if ( isset( $sql ) && !empty( $sql )){
      echo "<!--".$sql."-->";
      $result = mysql_query( $sql )
         or die("Invalid query: " . mysql_error());
?>

Please Help!!!

pohopo

You have a mysql error so the problem should be somewhere in here

$sql = "UPDATE bluebird_news
SET news_title = '$title',
news_text = '$text'
WHERE news_id = '$id' ";

I am going to guess that $text has a value that mysql does not like. maybe double quotes or single quotes.

bailo81

It does only happen when there are quotes in the text. how do i get it to accept text with quotes in?? 😕

mrhappiness

$title = stripslashes($_POST['title']);
$text = stripslashes($_POST['text']);

changes to

if (get_magic_quotes_gpc()) {
  $title = stripslashes($_POST['title']);
  $text = stripslashes($_POST['text']); 
} else {
  $title = $_POST['title'];
  $text = $_POST['text']; 
}
$title = mysql_real_escape_string($title);
$text = mysql_real_escape_string($text);

the functions can be looked up in the manual 😉

bailo81

Thats awesome thankyou 😃