TalkPHP - View Single Post

SOCK · 02-22-2008, 12:29 AM

You're trying to insert unescaped data. One of those variables is a string that has a single quote in it somewhere, indicated by "s foremost network protocol analyzer, and is the de facto (and often de jure) st" in the error message. My guess is that first 's' shown is part of a possessive noun, and the reason it's failing is because of the apostrophe (a single quote).

Your script is completely open to SQL injection. Escape them strings!!

02-22-2008, 12:29 AM	#2 (permalink)
SOCK The Acquainted Join Date: Nov 2007 Posts: 154 Thanks: 31	You're trying to insert unescaped data. One of those variables is a string that has a single quote in it somewhere, indicated by "s foremost network protocol analyzer, and is the de facto (and often de jure) st" in the error message. My guess is that first 's' shown is part of a possessive noun, and the reason it's failing is because of the apostrophe (a single quote). Your script is completely open to SQL injection. Escape them strings!! __________________ I reject your reality, and substitute my own.