Hi frnds...

from last 3 days i am struggling on same errors...i tried my level best..still i cant get it....this is my code...

$bottomline=stripslashes($_POST['bottomline']);
 or 
if(!file_exists($dir))
mkdir($dir)or die("Filename all ready exits");

when i inserting the data into table or creating directory i am getting error...

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'gdfg/."g;f.f'g;gddfgh',''

this data having (', " ,!,(,),...) this type of symbols...plz solve this problem...


also i am getting in one page output as like this...i checked in database ..in data base also stored in this way..

Venkatesh[B]’[/B]s brother Marthand K Shankar has directed this film with one of the rising stars - Varun Sandesh. Naturally, the film has created good buzz. But the film doesn[B]’[/B]t boast anything new. With wafer thin plotline, the debutant director has tried to completely focus on the comedy and hero’s

Thanks in advance...

Please paste the SQL lines.
This is just php.
Additionally for escaping please use
http://ca2.php.net/mysql_real_escape_string

"Filename all ready exits" should be Filename already exists

Thanks for your response...

this is my php & mysql code...plz change this code as correctly...

if(isset($_POST['Submit'])){
$name=mysql_real_escape_string($_POST['name']);
$rating=mysql_real_escape_string($_POST['rating']);
$cast=mysql_real_escape_string($_POST['cast']);
$director=mysql_real_escape_string($_POST['director']);
$producer=mysql_real_escape_string($_POST['producer']);
$punchline=mysql_real_escape_string($_POST['punchline']);
$story=mysql_real_escape_string($_POST['story']);
$artists=mysql_real_escape_string($_POST['artists']);
$technical=mysql_real_escape_string($_POST['technical']);
$feed1=mysql_real_escape_string($_POST['feed1']);
$feed2=mysql_real_escape_string($_POST['feed2']);
$bottomline=mysql_real_escape_string($_POST['bottomline']);
$date=date('y-m-d');
$photo1=mysql_real_escape_string($_FILES['photo1']['name']);
$photo2=mysql_real_escape_string($_FILES['photo2']['name']);
$photo3=mysql_real_escape_string($_FILES['photo3']['name']);
$photo4=mysql_real_escape_string($_FILES['photo4']['name']);
$tphoto1=mysql_real_escape_string($_FILES['photo1']['tmp_name']);
$tphoto2=mysql_real_escape_string($_FILES['photo2']['tmp_name']);
$tphoto3=mysql_real_escape_string($_FILES['photo3']['tmp_name']);
$tphoto4=mysql_real_escape_string($_FILES['photo4']['tmp_name']);
$dir="../../movies/moviereview/$name";
if(!file_exists($dir))
mkdir($dir)or die("Filename all ready exits");
$dir1="$dir"."/"."$photo1" ;
$dir2="$dir"."/"."$photo2" ;
$dir3="$dir"."/"."$photo3" ;
$dir4="$dir"."/"."$photo4" ;
if($photo1!=""){move_uploaded_file($_FILES['photo1']['tmp_name'], $dir1);}
if($photo2!=""){move_uploaded_file($_FILES['photo2']['tmp_name'], $dir2);}
if($photo3!=""){move_uploaded_file($_FILES['photo3']['tmp_name'], $dir3);}
if($photo4!=""){move_uploaded_file($_FILES['photo4']['tmp_name'], $dir4);}
$sql="insert into moviereview values('','$name','$rating','$cast','$director','$producer','$punchline','$story','$artists','$technical','$feed1','$feed2','$bottomline','$date','$photo1','$photo2','$photo3','$photo4')";
mysql_query($sql)or die(mysql_error());

}
?>

i am getting another error ...

error 3:

Filename all ready exitsPHP Warning: mkdir(../../movies/moviereview/sai\'k,jhk\'..;j\') [function.mkdir]: No such file or directory in C:\Domains\teluguflavours.com\wwwroot\admin\movies\reviews.php on line 34

Thanks in advance...

This article has been dead for over six months. Start a new discussion instead.