mysql_real_escape_string
Posted on
16th Feb 2014 07:03 pm by
admin
Let me preface this that I am very much a PHP noob, but I have some SQL training (not necessarily MySQL, we used the Microsoft variety in school). I have a weird problem, I'm trying to create a script that will take a RSS feed and import it to a MySQL database. It worked well when I was only bringing in 10 items in the feed at a time, but when I opened it up to a larger set of items it freaks out. I think it has to do with the data not being very "clean". Meaning the data has a lot of single and double quotes and what not. As you'll see in my code I've tried to fix this by using mysql_real_escape_string(), but it still get's hung up for some reason. Here's a look at my code:
Code: <?php include('rss_fetch.inc');
define('MAGPIE_FETCH_TIME_OUT', 200);
function safe($value){
return mysql_real_escape_string($value);
}
// Set error reporting for this
ini_set('display_errors',1);
error_reporting(E_ALL);
// Fetch RSS feed
$rss = fetch_rss('feedurl');
if ($rss) {
// Split the array
$items = array_slice($rss->items,0);
// Cycle through each item and echo
foreach ($items as $item)
{
$con = mysql_connect("server","uname","pword");
if (!$con)
{
die('MySQL could not connect: ' . mysql_error());
}
mysql_select_db("rsstomysql", $con);
$sql="INSERT INTO `opportunities` (`opp_id`, `opp_title`, `opp_link`, `opp_desc`, `opp_provider`, `opp_startdate`, `opp_enddate`, `opp_location_name`, `opp_categories`, `opp_openended`, `opp_sponsororg`, `opp_starttime`, `opp_endtime`, `opp_contactemail`, `opp_contactphone`, `opp_contactname`)
VALUES('".$item['fp']['id']."', '".safe($item['title'])."', '".$item['link']."', '".safe($item['description'])."', '".$item['fp']['provider']."', '".$item['fp']['startdate']."', '".$item['fp']['enddate']."', '".$item['fp']['location_name']."', '".$item['fp']['categories']."', '".$item['fp']['openended']."', '".$item['fp']['sponsoringorganizationname']."', '".$item['fp']['starttime']."', '".$item['fp']['endtime']."', '".$item['fp']['contactemail']."', '".$item['fp']['contactphone']."', '".$item['fp']['contactname']."')
ON DUPLICATE KEY UPDATE `opp_title` = '".$item['title']."';";
if (!mysql_query($sql,$con))
{
die('MySQL Error: ' .mysql_errno() .mysql_error());
}
echo "Records added";
mysql_close($con);
}
}
else
{
echo '<h2>Magpie Error:</h2><p>'.magpie_error().'</p>';
}
// Restore original error reporting value
@ini_restore('error_reporting');
?>This is the error I'm getting:
QuoteMySQL Error: 1064You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Stop Modern Day Slavery'' at line 3The 'Stop Modern Day Slavery" is in one of the title fields in the feed. I have used mysql_real_escape_string() on the title field, but it does not seem to have any effect. Does anyone have any ideas? I've also used addslashes() and it does the same thing...
No comments posted yet
Your Answer:
Login to answer
72 
34 
Other forums
Simple Variable Question
Hi everyone.... again,
I am really getting into php still. Learning more every day. I love it
why is it over writing
Code: $filepaths[] = $_FILES['new_image'];
foreach ($filepaths as $filepath)
{
$imagename =
classic dynpro : hide area and auto adjust hights
Hi,
I want to develop a similar user interface as is used in standard transaction MIGO.How do I create a 2D game "camera" to follow player?
In J2ME programming I'm targeting MIDP 2.0 devices.
I'm using gamecanvas and I was thinking t
that old Malformed Headers problem again!!!!! HELP!!!!!!
I've read the http://www.phpfreaks.com/forums/index.php/topic,37442.0.html
I don't think my c
Renaming a file that a user uploads to site?
My site allows for registered users to upload images to the site under their own gallery. Currently
Load file in PHP
I have 2 files. The first is a PHP generated XML file that's dependent by 2 inputs. The second is a
Email Form Syantax Issue 2
How to make this look FROM:"OUR TEAM" instead of FROM:abc@mail.com
$headers = "
sql error
I have been looking at this code for 20mins and can't work out what I am doing wrong. There is somet
. and .. appearing instead of pictures
First of all, thanks very much for providing this forum. It is very much appreciated!
My son
