On Sep 3, 2012, at 7:58 PM, David McGlone wrote:
On Wednesday, August 29, 2012 01:33:20 PM you wrote:
<snip>
I think you must be missing the '{}' brackets, or something, because
with this added to the snippet from before:
$sql = "INSERT INTO inventory(image, year)
VALUES('{$_FILES['image']['name']}', '$_POST[year]')";
echo '<h2>$sql = </h2><pre>'.PHP_EOL;
var_dump($sql);
echo '</pre>'.PHP_EOL;
I get:
$sql =
string(58) "INSERT INTO inventory(image, year) VALUES('1.png',
'2012')"
which shows $_FILES['image']['name'] correctly interpolated to a
string.
Sorry it took me a bit to get back with you, but your correct. This
did work.
Why was the brackets necessary? I thought that was what the single
quotes
were for. I'm thinking the brackets join ['image'] and ['name']
otherwise the
query views it as 2 seperate queries. Correct? or were the brackets
use to
group it all together, but seperate it from the outer quotes?
--
Regards
David M.
I believe what you were wanting was this. But either will work.
I find that the double quote + period method works better for adding
in the mysql_real_escape_string() function.
But that is just in my own experience.
$sql = "INSERT INTO inventory(image, year)
VALUES('".mysql_real_escape_string($_FILES['image']['name'])."',
'".mysql_real_escape_string($_POST[year]'))."'";
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
