2010-08-23, 03:36 AM
I've tried numerous times to fix this. I give up.
I've got the code working just fine for posts for my blog system, and this one is only slightly modified to be for the pages part.
If I insert any HTML code through the script, the MySQL query breaks. I haven't figured out why.
Here's the HTML I've tried to insert through the script:
Here's the php code used:
The error is not helpful.
Can anyone help?
I've got the code working just fine for posts for my blog system, and this one is only slightly modified to be for the pages part.
If I insert any HTML code through the script, the MySQL query breaks. I haven't figured out why.
Here's the HTML I've tried to insert through the script:
<p>Here's what I have to do before I will release this to the public (as v2).</p>
<ol>
<li>Code the settings manager.</li>
<li>Code the template editor (with PHP/MySQL support for in the file; possible syntax highlighting.).</li>
<li>Add basic user settings (password, email change).</li>
<li>Add user group system with ability to create/delete/edit groups and permissions (admins, writers, mods, normal users).</li>
<li>Registration page with reCAPTCHA (or my own captcha system).</li>
<li>Add a link to view the post (post/<postname>) and convert the pages link to a less annoying way (pages/<pagename>).</li>
<li>Add comment system (only certain usergroups can post comments on articles; certain usergroups requiring their posts to be approved; also have posts be deletable.)</li>
<li>Installer written to make this easier to install for people.</li>
</ol>
Here's the php code used:
isset($_POST['Create_Page'])){
$pname = trim($_POST['pname']);
$content = trim($_POST['content']);
if(!isset($pname,$content)){
print "Content or pname fields not filled in. Try again.";
print ' <form action="'.$domain.'/admin.php?section=pages&do=add" method="POST">
<p>Title: <input type="text" name="pname" maxlength="30" value="'.$pname.'" /></p>
<p>Content:<br />
<textarea name="content">'.$content.'</textarea> </p>
<input name="Create_Page" type="submit" value="Create Page" /></form> ';
}/*vars are wrong...*/
else{
$pname = str_replace(" ","_", $pname);
$sql = "INSERT INTO ".$pagetable." (`pageid`, `pname`, `content`) VALUES ('', '".$pname."', '{$content}')";
mysql_query($sql) or die("Failed to add page to table. This is the mysql error, if there is one:<br />
<br />
<blockquote style=\"background:#000000; color:#FFFFFF;\">".mysql_error()."</blockquote>");
print "Page '{$pname}' added. Use the form below to add a new page.<br />
<br />
";
print ' <form action="'.$domain.'/admin.php?section=pages&do=add" method="POST">
<p>Page Name: <input type="text" name="pname" maxlength="30" /></p>
<p>Content:<br />
<textarea name="content"></textarea> </p>
<input name="Create_Page" type="submit" value="Create Page" /></form> ';
}/*query*/
}/*form submitted*/
else{
print ' <form action="'.$domain.'/admin.php?section=pages&do=add" method="POST">
<p>Page Name: <input type="text" name="pname" maxlength="30" /></p>
<p>Content:<br />
<textarea name="content"></textarea> </p>
<input name="Create_Page" type="submit" value="Create Page" /></form> ';
}
The error is not helpful.
Quote: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(pageid
,pname
,content
) VALUES ('', 'Blog_Todo_List', '
Here\'s what I ' at line 1
Can anyone help?