We're a community of 1076K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,075,642 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: IT HelpDesk & Customer Support Software
8 Months Ago
0

MySQL & URLS

I am having trouble with this code:

<?php
// Username
$username = $_POST['name'];

$email = $_POST['email'];
$default = "default image";
$size = 40;

// MYSQL
mysql_connect('host','username','password');
mysql_select_db('database');

$grav_url = "www.gravatar.com/avatar/" . md5( strtolower( trim( $email ) ) ) . "?d=" . urlencode( $default ) . "&s=" . $size;

$sql = "INSERT INTO `db` (profile image) VALUES mysql_real_escape_string($grav_url) WHERE id='{$_SESSION['sessid']}'";

mysql_query($sql);


echo "Profile image updated. <a href='update.php'>Go back.</a>";

?>

The problem is that this does not work, but displays no error. I look in the data base and it is not updated. I don't know why.

3
Contributors
3
Replies
58 Minutes
Discussion Span
8 Months Ago
Last Updated
4
Views
Question
Answered
Djmann1013
Junior Poster
102 posts since May 2012
Reputation Points: 0
Solved Threads: 3
Skill Endorsements: 0
8 Months Ago
0

I do not beleive you can use mysql_real_escape_string within a SQL statement.

This should be done via to the INSERT statement

Squidge
Posting Pro in Training
406 posts since Dec 2009
Reputation Points: 111
Solved Threads: 60
Skill Endorsements: 5
8 Months Ago
0

I tried the insert statement before. But, ill try insert again. Can you give me an example?

Djmann1013
Junior Poster
102 posts since May 2012
Reputation Points: 0
Solved Threads: 3
Skill Endorsements: 0
8 Months Ago
0

Sory for jumping in, I just have too much time right now :-). You can not use a function within double quoted string (you can use variables though). Do a concatenation:

$sql = "INSERT INTO `db` (profile image) VALUES " . mysql_real_escape_string($grav_url) . " WHERE id='{$_SESSION['sessid']}'";

This should work provided that the {$_SESSION['sessid']} exists and has expected vaslue.

broj1
Nearly a Posting Virtuoso
1,211 posts since Jan 2011
Reputation Points: 167
Solved Threads: 164
Skill Endorsements: 13
Question Answered as of 8 Months Ago by broj1 and Squidge

This question has already been solved: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > PHP
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.0662 seconds using 2.69MB