Hi,
Thursday, August 12, 2004, 10:03:32 AM, you wrote:
AH> Hi All,
AH> I have this expression;
AH> $query = "INSERT INTO $table (%s) VALUES (%s)";
AH> $query = sprintf($query, implode(",", $fld), implode(",",
AH> $val));
AH> $result = mssql_query($query) or die($errmsg);
AH> I am trying to insert values from an array into the database.
AH> I keep getting the error that I can't pass column names in this context.
AH> I know it's because I'm not enclosing $val in quotes.
AH> I've tried a number of variations;
AH> implode("\"","\"", $val)
AH> implode("\',\'", $val)
AH> implode(",", "\"".$val."\"") - This blows up nicely ;-)
AH> Where am I going wrong on this?
AH> alex hogan
You can do it this way but you must make sure that any strings in your
values array have been escaped before with mysql_escape_string() and
probably trimmed as well.
$fields = array('id','name','age');
$values = array(1,'Dave',40);
$table = 'test';
$sql = sprintf("INSERT INTO %s (%s) VALUES
('%s')",$table,implode(',',$fields),implode("','",$values));
echo $sql;
(It's perfectly ok to quote numbers)
--
regards,
Tom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
