Say I want to insert into name, address, city, state, zip values $name, $address

Question

0

Asked: May 12, 20262026-05-12T08:16:34+00:00 2026-05-12T08:16:34+00:00

Say I want to insert into name, address, city, state, zip values $name, $address

0

Say I want to insert into name, address, city, state, zip values $name, $address Etc…..

How can I run mysql_real_escape_string on each of the variables before inserting. There has got to be a foreach or loop or while method instead of writing out each variable right?

Thanks for the help.

Tom

so if I have

 $data = array($address, $city, $name);
 array_map('mysql_real_escape_string', $data);

and

$columns = "name, address, city, state, zip";
$count = $dbh->exec("INSERT INTO customer($columns) VALUES ($data)");

I get a ton of errors.

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'root'@'localhost' (using password: NO) in /Users/tommyscott45/Sites/experiment/result.php on line 23

now what?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-12T08:16:34+00:00

Editorial Team

2026-05-12T08:16:34+00:00Added an answer on May 12, 2026 at 8:16 am

A database error has occurred when trying to invoke mysql_real_escape_string and I see that you’re using $dbh->exec() to execute the query. This suggests that you connect to the database with PDO, so you should rather use PDO::quote instead of mysql_real_escape_string.

Moreover, as others have already mentioned, a better way to solve your problem would be to use prepared statements and PDO::prepare.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Say I want to insert into name, address, city, state, zip values $name, $address

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply