On 10/7/10 10:26 AM, Christian Ramseyer wrote:
>>
>> $query = "INSERT INTO timmar(pack_date, pack_week, pack_day, pack_pts,
>> pack_name, pack_tidin, pack_tidut, pack_lunch) VALUES('" . $pack_date
>> . "', '" . $pack_week . "', '" . $pack_day . "', '" . $pack_pts . "',
>> '" . $pack_name . "', '" . $pack_tidin . "', '" . $pack_tidut . "', '"
>> . $pack_lunch . "')";
>> $result = pg_query($query);
>> if (!$result) {
>> $errormessage = pg_last_error();
>> echo "Error with query: " . $errormessage;
>> exit();
>> }
Or if you don't like to use prepared statement, you could still drop all
these string concatenations since PHP expands variables in single quotes
that are already in double quotes:
rc@asado-263:~ $ cat foo.php
<?php
$x = "blah";
echo "x = '$x'\n";
?>
rc@asado-263:~ $ php foo.php
x = 'blah'