OK, I have magic_quotes on though so useless lecture thanks for the advice
-- JJ Harrison [EMAIL PROTECTED] www.tececo.com "Miguel Cruz" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > On Sat, 6 Jul 2002, JJ Harrison wrote: > > $query = "INSERT INTO tececo_stats values ('', $id, $visited, $time, > > $remote_dns, $remote_ip, $referer, $browser, $system)"; > > mysql_query($query); > > You should always do the following if you are having trouble: > > 1) print out $query and try it yourself at the mysql command line. > > 2) print mysql_error(). > > In this case I think the problem is that you've failed to quote the > strings in your INSERT. Try something like > > INSERT INTO tececo_stats values ('', '$id', '$visited', '$time' ... > > Also note that as it stands, I could potentially make big trouble for you > by putting clever values into HTTP_REFERER (which is totally under my > control as a visitor to your site). So make sure you mysql_escape_string > or addslashes those values (unless you have magic_quotes turned on, in > which case you can ignore this lecture). > > miguel > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
