-2

Possible Duplicate:
Difference between single quote and double quote string in php

Hey I'm having trouble inserting page content into my database.

I'm trying to store:

<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>

Using this code:

$sql="UPDATE event SET 
  data='<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>' 
  WHERE id='2'";

But when I look at the table all I see is:

<p class="heading_large"><?php echo ; ?></p>

I've obviously escaped the HTML with slashes, is there something similar I need to do with the PHP so $Topic2C2A[data] is displayed?

Community
  • 1
  • 1
Cassie Hicks
  • 31
  • 3
  • *Why* are you trying to store PHP code in there? Why don't you put the data in a single-quoted string variable first? Why don't you use the appropriate database escaping function? – mario Nov 08 '12 at 12:32
  • `data='

    ' . $Topic2C2A[data] . '

    '` should work much better.     – h2ooooooo Nov 08 '12 at 12:33

3 Answers3

0

Your issue is related to the fact PHP is processing variables inside " (double) quotes.

You can change quotes to ' (single) or another option is to change $Topic2C2A[data] to \$Topic2C2A[data].

zysoft
  • 2,268
  • 1
  • 16
  • 21
0

I would suggest you write your $sql as:

$sql="UPDATE event SET data='<p class=\"heading_large\">".$Topic2C2A[data]."</p>' WHERE id='2'";
ajtrichards
  • 29,723
  • 13
  • 94
  • 101
0

Did you try mysqli_real_escape_string()? It should return a fully escaped String!