1

I've been using this for loop to insert information into my database:

$values = array();
for($x=1;$x<=3;$x++){
    $values[]= $_POST["FCKeditor".$x]; 
}
echo implode(",",$values);

$sql = "INSERT INTO virus (v1,v2,v3) VALUES(".implode(",",$values).")";

However, when I looked at the result on the webpage, it gave me this message:

a1
,b2
,c3
INSERT INTO virus (v1,v2,v3) VALUES(a1
,b2
,c3
)You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '>,b2
,c3
)' at line 1 

Can someone help solve this issue?

2
  • I guess you need to properly escape and double quote / single quote the value. Commented Oct 8, 2014 at 2:08
  • 1) Read about SQL injection. 2) Obviously, you are receiving HTML code from the editor, but you do not escape it, and you are not even trying to use quotes for it or for data in general. You have something like values(something>, 2,3). MySQL is trying to understand the query, because it thinks that something> is part of the command, not data. And this command breaks the whole query. It would not happen with values('something>', '2', '3'). Commented Oct 8, 2014 at 2:08

1 Answer

1

Very likely the problem is the missing quotes, and you probably wanted something like the following for your values portion:

"'".implode("','",$values)."'"

Which gives you something like:

'abc','xyx','123'

Of course I am assuming that they are all of string type. If some are not, then you need to make sure strings are quoted and numbers are not etc.

The best approach is for sure to use placeholders; then you do not need to go through this trouble at all.
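An added example, not part of the original answer, showing the placeholder approach it recommends with PDO. The in-memory SQLite database, the constructed `$_POST` values and the `$columns` list are assumptions made so the script runs offline; the table and field names are the ones from the question.

```php
<?php
// Constructed input standing in for the three FCKeditor fields (HTML with
// quotes, angle brackets and newlines, the kind of text that broke the query).
$_POST = [
    'FCKeditor1' => "<p>a1</p>\n",
    'FCKeditor2' => "<p>it's b2</p>\n",
    'FCKeditor3' => "<a href='x'>c3</a>\n",
];

// Assumption: in-memory SQLite stands in for the MariaDB server so this runs
// offline; for MariaDB only the DSN and credentials passed to PDO change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE virus (v1 TEXT, v2 TEXT, v3 TEXT)');

// Column names are fixed in code; only the values come from the request.
$columns = ['v1', 'v2', 'v3'];
$values = [];
for ($x = 1; $x <= count($columns); $x++) {
    $key = 'FCKeditor' . $x;
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        exit("Missing or malformed field: $key\n");
    }
    $values[] = $_POST[$key];
}

// One "?" per column: the SQL text is identical whatever the user typed.
$placeholders = implode(',', array_fill(0, count($columns), '?'));
$sql = 'INSERT INTO virus (' . implode(',', $columns) . ") VALUES ($placeholders)";
$stmt = $pdo->prepare($sql);
$stmt->execute($values); // values are bound as data, never spliced into the SQL

echo $sql, "\n"; // INSERT INTO virus (v1,v2,v3) VALUES (?,?,?)
foreach ($pdo->query('SELECT v1, v2, v3 FROM virus') as $row) {
    // Escaped for display here, since the stored HTML is untrusted input.
    echo htmlspecialchars(implode(' | ', [$row['v1'], $row['v2'], $row['v3']])), "\n";
}
```

With the MySQL/MariaDB PDO driver, prepared statements are emulated client-side by default; setting `PDO::ATTR_EMULATE_PREPARES` to `false` sends them to the server as real prepared statements.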
