Hi Guys

Im kind of new to this and i hope i will explain myself enough for you to understand my question.

I have a little dynamic blog. I have a form (called add_post.php)i use to insert my articles (blog_enrty). Unfortunately i get an error saying "you do not have permission to access add_post.php" each time i try to insert an article with html/xhtml characters.

It works fine on my localhost (computer) with or without html characters, but works on my website server only without html.

This is the code on the add_post.php:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO news (title, blog_entry,article_id,arthor_id) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['title'], "text"),
GetSQLValueString($_POST['blog_entry'], "text"),
GetSQLValueString($_POST['article_id'], "int"),
GetSQLValueString($_POST['arthor_id'], "int"));

Help will be greatly appreciated.

What does the GetSQLValueString function look like?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.