I have copies text from many html files into one text file/variable and I wants to insert this data(basically html code) into mysql database. I have tried mysql_real_escape_string. But it is still no working. This is what I am doing :
$contentFromHtmlFile=file_get_contents($file);
$all_html_content.=$contentFromHtmlFile;
$all_html_content=mysql_real_escape_string($all_html_content);
$insert_query = "insert into $databasetable (pdf_id,pdf_text_data) values (190,$all_html_content);";
mysql_query($insert_query) or die(mysql_error());
This is the error :
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '<meta charset=\"utf-8\" />
<div id=\"jpedal\" style=\&quo' at line 1
Here link of text I wants to insert: http://pastebin.com/F3BD745h
You have put string values inside single quotes:
$insert_query = "insert into $databasetable(pdf_id,pdf_text_data)values(190,'$all_html_content');";
P.S:mysql_ function are depricared , don't use them. Use mysqli or PDO.
Wrap your variable around single quotes to signify that it's a string (in this case):
$insert_query = "INSERT INTO $databasetable(pdf_id, pdf_text_data)
VALUES(190, '$all_html_content');";
^ ^
Also, if you do not need to use the string for searching or any similar operations, I'd recommend converting it an ordinary string with base64_encode():
$contentFromHtmlFile = file_get_contents($file);
$all_html_content .= $contentFromHtmlFile;
$all_html_content = base64_encode($all_html_content);
$all_html_content = mysql_real_escape_string($all_html_content);