tags:

views:

43

answers:

1

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Krul. Good bye!.')' at line 1

I have a LONG script with a lot of loops. It seems to work and then I get thsi error, what does it mean?

Update: Oh okay, I see what's wrong. I am storing a variable that sometimes have an apostrophe in it, so it messes up my SQL syntax. e.g. $name = "You and D'dog are cool." my sql syntax would be like this '$name'

How can I fix this?

Update 2: I am using addslashes()

+1  A: 

It means you have a syntax error there, most likely an unescaped string with a apostrophe. It's not possible to help better without seeing the script.

EDIT: Don't use addslashes(), use a function that is designed for escaping SQL queries. In your cases that would be mysql_real_escape_string().

Lukáš Lalinský
Thanks for the help! When looking at the example, I have trouble understanding this, specifically the sprintf and the percent s: $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'", mysql_real_escape_string($user), mysql_real_escape_string($password));What is $s
Doug