How to add braces in mysql field values to database?

By murz on 3 Aug 2007 at 12:25 UTC

When I try to add braces to database with function db_query() Drupal always cut it! Not only in table or variable names, but in field values too!

For example string db_query("INSERT INTO {table1} SET id=1, javascript='function test1() {alert('test');}' "); adds to DB a javascript value "function test1() alert('test');", without braces!

Escaping braces with slashes ('function test1() \{alert('test');\}' didn't help and i can't find any option in function db_query for disable checking braces. I can use function _db_query() for this action, but I'll lost table prefix functionality in my module.

May anybody knows any other methods to bypass this problem?

Comments

Use token substitution

skelly commented 17 November 2008 at 02:25

Hi Murz,

You need to pass the value containing the braces as a parameter to the db_query function which takes care of the token substitution after table prefixing. E.g.:

      $result = db_query("UPDATE {my_table} SET `php_data` = '%s' WHERE `status` = 1", array('a:0:{}'));

How to add braces in mysql field values to database?

Comments

Use token substitution

New forum topics

News items

Our community

Documentation

Drupal code base

Governance of community