- Code: Select all
$query = $db->query("INSERT INTO `table` ( `field1`, `field2` ) VALUES ( '{$_REQUEST['value1']}', '{$_REQUEST['value2']}' );
$query->execQuery();
In an attempt to insert a blob into the database using the addParam method, I kept coming across an error in the query syntax. It seemed that a few of the value separators from within the sql string had been removed, and the HTML tags has been striped and replaced with \\r\n.
- Code: Select all
$query = $db->query("INSERT INTO `table` ( `field1`, `field2` ) VALUES ( ?, ? );
$query->addParam('field1', $_REQUEST['field1'], MYSQLDB_TYPE_STRING);
$query->addParam('field2', $_REQUEST['field2'], MYSQLDB_TYPE_BLOB);
$query->execQuery();
When changing the type constant of the blob to MYSQLDB_TYPE_STRING, it successfully inserted the information into the database, however it still replaced the html tags with \\r\n.