Hi all,

This piece of code kept giving error messages that looked like some of my
VALUES were getting parsed by PHP:


        sqlite_query( $handle, "
                INSERT INTO course VALUES (
                                sqlite_escape_string($semester),
                                sqlite_escape_string($course),
                                sqlite_escape_string($course_desc),
                                sqlite_escape_string($college),
                                sqlite_escape_string($reference)
                        )
                ");


It took me a long time to figure out that this worked:

        sqlite_query( $handle, "
                INSERT INTO course VALUES (
                        '$termcode',
                        '$semester',
                        '$course',
                        '$course_desc',
                        '$college',
                        '$reference'
                )
        ");

I want to do the Right Thing.  It seems like using a built-in function to
escape strings would be the preferable way of doing this.  I was surprised
to see it not work, but even more surprised that just normal quoting worked.

Am I not using sqlite_escape_string() correctly?

Thanks!
Pete

-- 
The mathematics of physics has become ever more abstract, rather than more
complicated.  The mind of God appears to be abstract but not complicated.
He also appears to like group theory.  --  Tony Zee's "Fearful Symmetry"

GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
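
An added example, not part of the original post: it shows why the call inside the double-quoted string never runs, how the legacy function is meant to be used, and how bound parameters avoid the quoting question altogether. The column names, the sample values, and the use of PDO with an in-memory database are assumptions made for the illustration.

```php
<?php
// Constructed sample row; the apostrophe is what breaks plain '$var' quoting.
$row = [
    'termcode'    => '200409',
    'semester'    => 'Fall',
    'course'      => 'WMS101',
    'course_desc' => "Intro to Women's Studies",
    'college'     => 'Arts',
    'reference'   => '12345',
];

// 1. Inside a double-quoted string PHP expands $variables only; the function
//    name and its parentheses reach SQLite as literal, unquoted SQL text.
$desc = $row['course_desc'];
$literal = "VALUES (sqlite_escape_string($desc))";
echo $literal, "\n";

// 2. With the legacy sqlite_* extension, call the function outside the string
//    and concatenate; it escapes the value but the caller supplies the quotes.
if (function_exists('sqlite_escape_string')) {
    $sql = "INSERT INTO course (course_desc) VALUES ('"
         . sqlite_escape_string($desc) . "')";
    echo $sql, "\n";
}

// 3. Bound parameters keep the data out of the SQL text entirely.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE course (termcode TEXT, semester TEXT, course TEXT,
           course_desc TEXT, college TEXT, reference TEXT)');

// The plain quoting from the post is a syntax error once a value has a quote.
try {
    $db->exec("INSERT INTO course VALUES ('{$row['termcode']}', '{$row['semester']}',
        '{$row['course']}', '{$row['course_desc']}', '{$row['college']}', '{$row['reference']}')");
} catch (PDOException $e) {
    echo "plain quoting failed: ", $e->getMessage(), "\n";
}

$stmt = $db->prepare('INSERT INTO course VALUES
    (:termcode, :semester, :course, :course_desc, :college, :reference)');
$stmt->execute($row);
echo $db->query('SELECT course_desc FROM course')->fetchColumn(), "\n";
```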
