$vars['part1']='something';
$vars['part2']='something else';
foreach($vars as k => $v) {
$vars[$k]=addslashes($v);
}
John Taylor-Johnston wrote:
Yes I'm reading the FM :) http://www.php.net/manual/en/ref.mysql.php
I should know this. How will I PHP this SQL into my MySQL table?
INSERT INTO testals VALUES ($part1, $part2, $part3, $part4);
I'm particularily concerned aboute single quotes. How do I escape them? Should I?
Here is what I think is right.
----------snip----------
$myconnection = mysql_connect($server,$user,$pass);
mysql_select_db($db,$myconnection);
$query = "INSERT INTO testals VALUES (addslashes($part1), addslashes($part2), addslashes($part3), addslashes($part4));";
mysql_query($query);
mysql_close($myconnection);
----------snip----------
That's it, right? I have about 40 variables. I wanted to run the code through here before I start.
Thanks,
John
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
