|   |   |   | ||||
| Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. | 
|    | 
| 
 | |||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. | 
|  | Thread Tools | 
|  12-11-2009, 04:30 PM | #1 | 
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | 
				
				Anybody know what causes this error in MySQL
			 When users try to add a listing by typing into a text box  and they use any word with a ' so if they type  sort's  it comes up saying that there is an error in MySQL  Anbody know what causes this or how to fix it cheers | 
|   |           | 
|  12-11-2009, 04:34 PM | #2 | 
| Confirmed User Join Date: Apr 2004 Location: Toronto, ON 
					Posts: 1,706
				 | 
				__________________  315-310 | 
|   |           | 
|  12-11-2009, 04:34 PM | #3 | 
| So Fucking Banned Industry Role:  Join Date: Apr 2001 Location: the beach, SoCal 
					Posts: 107,089
				 | what is the error? | 
|   |           | 
|  12-11-2009, 04:40 PM | #4 | 
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'S | 
|   |           | 
|  12-11-2009, 04:40 PM | #5 | |
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | Quote: | |
|   |           | 
|  12-11-2009, 04:43 PM | #6 | 
| So Fucking Banned Join Date: Dec 2009 
					Posts: 464
				 | you need to "clean up" your variables by escaping those things that causes mysql to throw up. $insertthisnowtomysql = mysql_real_escape_string($sometextforinsert) now just run "INSERT" sql | 
|   |           | 
|  12-11-2009, 04:50 PM | #7 | 
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | so its the script and not mysql... cheers | 
|   |           | 
|  12-11-2009, 05:09 PM | #8 | 
| Confirmed User Industry Role:  Join Date: Nov 2000 Location: Oakville, Ontario, Canada 
					Posts: 9,287
				 | its the   '     use   "  instead | 
|   |           | 
|  12-11-2009, 05:13 PM | #9 | 
| <&(©¿©)&> Industry Role:  Join Date: Jul 2002 Location: Chicago 
					Posts: 47,882
				 | like someone said earlier, just escape the input before putting it in the db... but that error isn't just some inconvenience, it can often be exploited to hack the script... I would have someone look into it... 
				__________________ Custom Software Development, email: woj#at#wojfun#.#com to discuss details or skype: wojl2000 or gchat: wojfun or telegram: wojl2000 Affiliate program tools: Hosted Galleries Manager Banner Manager Video Manager  Wordpress Affiliate Plugin Pic/Movie of the Day Fansign Generator Zip Manager | 
|   |           | 
|  12-11-2009, 05:14 PM | #10 | 
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | trouble is its the users that are using  '  and not " when they are typing things like mod's | 
|   |           | 
|  12-11-2009, 05:33 PM | #11 | |
| Confirmed User Join Date: Apr 2004 Location: Toronto, ON 
					Posts: 1,706
				 | Quote: 
 http://www.embracer.com/2009/databas...sql-injections 
				__________________  315-310 | |
|   |           | 
|  12-11-2009, 05:34 PM | #12 | |
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | Quote: 
 Im not very good when it comes to mysql things and Im not to sure what he means by " just escape the input before putting it in the db... is this inserted into the database or the script If I cant fix it I will see if sands is about and see if he can fix it or contact the people I bought the script from | |
|   |           | 
|  12-11-2009, 05:52 PM | #13 | |
| GFY's Halfpint Industry Role:  Join Date: Jun 2007 Location: UK 
					Posts: 15,223
				 | Quote: 
 | |
|   |           | 
|  12-11-2009, 06:08 PM | #14 | 
| Coupon Guru Industry Role:  Join Date: Mar 2009 Location: Minneapolis 
					Posts: 10,973
				 |  
				__________________ Webmaster Coupons Coupons and discounts for hosting, domains, SSL Certs, and more! AmeriNOC Coupons | Certified Hosting Coupons | Hosting Coupons | Domain Name Coupons  | 
|   |           | 
|  12-11-2009, 06:32 PM | #15 | 
| <&(©¿©)&> Industry Role:  Join Date: Jul 2002 Location: Chicago 
					Posts: 47,882
				 | 
				__________________ Custom Software Development, email: woj#at#wojfun#.#com to discuss details or skype: wojl2000 or gchat: wojfun or telegram: wojl2000 Affiliate program tools: Hosted Galleries Manager Banner Manager Video Manager  Wordpress Affiliate Plugin Pic/Movie of the Day Fansign Generator Zip Manager | 
|   |           |