submitting varchar string from form / escape characters

From: hellau(at)20min(dot)ch
To: pgsql-php(at)postgresql(dot)org
Subject: submitting varchar string from form / escape characters
Date: 2002-09-10 16:30:05
Message-ID: 20020910163006.5672.h007.c000.wm@mail.20min.ch.criticalpath.net
Lists: pgsql-php

hi all,

I am using pgsql with php and have the following
problem:
I have a form which lets the user dynamically select a
table, after this query he gets a list of possible
attributes, after selecting one he can do a subquery
and select a second attribute, and an operator, and a
value. after this I put the final sql query string
together like:
$sql = "SELECT $attribute FROM $table WHERE $attribute2 $operator $value";
this string is now submitted to another php document
doing the query and tabing the results out. if $value
is a number, everything works fine, but if $value is a
string with several words, commas and/or spaces
inside, I get an error message. when I try to do
something like "'".$value."'" I always get: ERROR:
parser: parse error at or near "\"

I tried all possibilities of escape characters I could
think of. If somebody knows what I am missing, help
would be appreciated.

Tom

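One way to build the query described in the message above, as an added example that is not part of the original post: the table, attributes and operator are checked against allow-lists, and the value is bound as a parameter instead of being quoted into the string. The schema map, the function names and the sample input are assumptions made for the illustration.

```php
<?php
// Added example, not code from the original post.
// Constructed allow-list: table name => columns a form user may reference.
const ALLOWED = [
    'customers' => ['id', 'name', 'city'],
    'orders'    => ['id', 'customer_id', 'note'],
];
const OPERATORS = ['=', '<>', '<', '>', '<=', '>=', 'LIKE'];

// Standard SQL identifier quoting: wrap in double quotes, double embedded quotes.
function quote_ident(string $name): string
{
    return '"' . str_replace('"', '""', $name) . '"';
}

// Returns [sql, params]. Identifiers and the operator are validated against the
// allow-lists; the value never enters the SQL text, so it needs no escaping.
function build_query(string $table, string $attribute, string $attribute2,
                     string $operator, string $value): array
{
    if (!isset(ALLOWED[$table])) {
        throw new InvalidArgumentException('unknown table');
    }
    foreach ([$attribute, $attribute2] as $col) {
        if (!in_array($col, ALLOWED[$table], true)) {
            throw new InvalidArgumentException('unknown column');
        }
    }
    if (!in_array($operator, OPERATORS, true)) {
        throw new InvalidArgumentException('operator not allowed');
    }
    $sql = sprintf('SELECT %s FROM %s WHERE %s %s $1',
        quote_ident($attribute), quote_ident($table),
        quote_ident($attribute2), $operator);
    return [$sql, [$value]];
}

// Constructed input: a value containing spaces, a comma and a single quote.
[$sql, $params] = build_query('customers', 'name', 'city', '=',
                              "St. John's, upper town");
echo $sql, "\n";
echo json_encode($params), "\n";

// With an open connection $db from pg_connect(), the value travels separately:
//   $result = pg_query_params($db, $sql, $params);
```

The second page then receives the individual form selections rather than a finished SQL string, and rebuilds the query itself through the same checks.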
