dashboard2.php

if (isset($_POST['ok'])){

        if (empty($_GET['class_id']))
            {

            $class = $_SESSION['class'];

            $sqlstr = "INSERT INTO material2(`subject`, `title`, `content`) VALUES('".$class."', '".$title."','".$content."')";
            echo $sqlstr;
            }
        else
            {
            $class = $_SESSION['class'];
            //echo $class;

            $sqlstr = "UPDATE material2 SET subject='".$class."', title='".$title."', content='".$content."' WHERE class_id=".$_GET['class_id'];
            echo $sqlstr;
            }
        $result = mysql_query($sqlstr) or die(mysql_error());

        //Jika mode edit, maka tidak akan dikirimkan konfirmasi kepada subscriber
        //if (empty($_REQUEST['id']))   kirimEmail($idKategori, $judul, $news);
        $confirmation = ($result) ? "Data has been saved." : "Fail to save data.";  
    }

The following error appears after inserting the value:

INSERT INTO material2(`subject`, `title`, `content`) VALUES(''Economy'', 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. ','

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam sit amet est urna. Donec tempor, nunc ac dapibus gravida, dui erat imperdiet libero, id vestibulum eros ante a risus. In ipsum nunc, pharetra quis ultrices eu, tristique sed ante. Quisque vitae suscipit erat. Duis pellentesque feugiat elit, id placerat elit scelerisque at.
')You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Economy'', 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. ','

Lorem' at line 1

How to fix the error?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.