
I'm trying to store a lot of text inside a database. Here is my database code:

    CREATE TABLE entries(
        ID int NOT NULL AUTO_INCREMENT,
        title varchar(255),
        post TINYTEXT,
        timestamp int(11),
        poster varchar(255),
        upvotes int(255),
        PRIMARY KEY (ID)
    );

When I try to enter the text, it gives the generic error of checking the MySQL instructions. When the amount of text is limited, however, it works, even though I am using the tinytext type, which should be able to store a lot more information. So what am I missing?

This is my code for entering the information into the database:

    if (isset($_POST["title"]) and isset($_POST["posttext"])){
        $title = $_POST["title"];
        $postText = $_POST['posttext'];
        $name = $_SESSION["name"];
        $upvotes = 0;
        date_default_timezone_set('UTC');
        $time = time();

        $sql = "INSERT INTO entries (title, post, timestamp, poster, upvotes) VALUES ('$title', '$postText', '$time', '$name', '$upvotes')";

        if ($conn->query($sql) === TRUE) {
            header("Location: ../index.php");
        } 
        else{  
            echo "Error: " . $sql . "<br>" . $conn->error;
        }
        $conn->close();

    }

Any help on using the tinytext or any other type for storing large amounts of information would be helpful.

For those wondering, I know the different amounts of data that can be stored in all the text variants, but that still doesn't fix my issue, even when I tried all the other options.

Thanks

  • Possible duplicate of [TINYTEXT, TEXT, MEDIUMTEXT, and LONGTEXT maximum storage sizes](https://stackoverflow.com/questions/13932750/tinytext-text-mediumtext-and-longtext-maximum-storage-sizes) – Jul 02 '19 at 23:09
  • Besides SQL injection, your text probably was not escaped properly (contains a closing quote for example). – Dave S Jul 02 '19 at 23:41
  • @DaveS What do you mean besides? The text shouldn't be escaped in any way. Escaping is rather bad. If you have unknown data you need to pass it via parameters in a prepared query. – Dharman Jul 02 '19 at 23:43
  • I don't believe it has anything to do with a closing quote, because it's the same with all other texts that I copy as well – Deep Harquissandas Jul 02 '19 at 23:47
  • @Dharman I agree that *once you switch to mysqli or PDO* you should use prepared queries and not escape text. I'm saying in the current unsafe, injection-prone code the text is not escaped, it's used raw from the POST: `$postText = $_POST['posttext'];`. Little Bobby Tables approves of this code. – Dave S Jul 03 '19 at 01:02
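
The parameterized insert that the comments above call for, combined with a byte-length check against the column limit, as an added example that is not part of the original question or its comments. It assumes an open mysqli connection in `$conn`, a started session, a `post` column changed from `TINYTEXT` (255 bytes) to `TEXT` (65,535 bytes), and a hypothetical helper named `insertEntry`.

```php
<?php
// Added example. Assumes $conn is an open mysqli connection, the session is
// started, and the column was widened: ALTER TABLE entries MODIFY post TEXT;
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

const TEXT_MAX_BYTES = 65535; // TEXT limit; TINYTEXT holds only 255 bytes

// Hypothetical helper: inserts one entry with bound parameters, returns its ID.
function insertEntry(mysqli $conn, string $title, string $postText,
                     string $poster, int $maxBytes = TEXT_MAX_BYTES): int
{
    // strlen() counts bytes, the unit the column limit is measured in.
    if (strlen($postText) > $maxBytes) {
        throw new LengthException("post is longer than $maxBytes bytes");
    }
    $time = time();
    $upvotes = 0;
    $stmt = $conn->prepare(
        'INSERT INTO entries (title, post, timestamp, poster, upvotes)
         VALUES (?, ?, ?, ?, ?)'
    );
    // s = string, i = integer. The values are sent apart from the SQL text,
    // so a quote inside $postText cannot terminate a string literal.
    $stmt->bind_param('ssisi', $title, $postText, $time, $poster, $upvotes);
    $stmt->execute();
    $id = (int) $conn->insert_id;
    $stmt->close();
    return $id;
}

$title = $_POST['title'] ?? null;
$postText = $_POST['posttext'] ?? null;
$name = $_SESSION['name'] ?? null;
if (is_string($title) && is_string($postText) && is_string($name)) {
    try {
        insertEntry($conn, $title, $postText, $name);
        header('Location: ../index.php');
        exit;
    } catch (LengthException $e) {
        http_response_code(413);
        echo 'Post is too long.';
    } catch (mysqli_sql_exception $e) {
        error_log($e->getMessage()); // keep SQL text and DB errors out of the page
        http_response_code(500);
        echo 'Could not save the post.';
    }
}
```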

0 Answers