Naila Naila - 1 month ago 11
MySQL Question

mySQLi database error which i don't know , First this query run fine but now not working

i have run this query before and inserted the record in database but now that's not working fine. i searched for solutions, my database size is 1.6MB and also i increase the default size of xampp in php.ini from 2Mb to 20 MB and refresh the apache and mysql server. but no solution working

here is my code

function saveProduct($myproductName , $myproductType , $mymyimage , $techInfo , $charactristics , $specifications , $properties)
{
$mycon = mysqli_connect("localhost","root","") or die ("could not connected to database");
mysqli_select_db($mycon, "zic_app");
$qry="INSERT INTO zic_catalog (productName, productImage, productType, vhviTech, generalCharactristics, specifications, properties) VALUES ('".$myproductName."' , '".$mymyimage."' , '".$myproductType."' , '".$techInfo."' , '".$charactristics."' , '".$specifications."' , '".$properties."')";
?>
<br /><br /><br />
<?php
$result=mysqli_query($mycon, $qry);
if($result)
{

echo( "publish successfully...");
}
else
{
echo "Product Not published: " . mysqli_error($mycon);
}
}


and this is the error


You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use
near 's manual Transmission fluid specification and other major car manufacturers wher' at line 1

Answer

If there is an apostrophe in the data it will break the sql - use escaped double quotes in the sql instead or convert the data using htmlentities

$qry="INSERT INTO zic_catalog (productName, productImage, productType, vhviTech, generalCharactristics, specifications, properties) 
VALUES 
(\"{$myproductName}\" , \"{$mymyimage}\" , \"{$myproductType}\" , \"{$techInfo}\"  , \"{$charactristics}\" , \"{$specifications}\" , \"{$properties}\")";