-4

I written that SQL command, but I'm troubling with it. I still receiving some errors, now its: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'HALF-LIFE sends a shock through the game industry with its combination of poundi' at line 1"

But i still don't know what is wrong. Processing command via phpmyadmin working properly, but i have to send it via php. 

$sql = "UPDATE steam_games SET description = '1998. HALF-LIFE sends a shock through the game industry with its combination of pounding action and continuous, immersive storytelling. Valve's debut title wins more than 50 game-of-the-year awards on its way to being named \"Best PC Game Ever\" by PC Gamer, and launches a franchise with more than eight million retail units sold worldwide.<br><br>
            NOW. By taking the suspense, challenge and visceral charge of the original, and adding startling new realism and responsiveness, Half-Life 2 opens the door to a world where the player's presence affects everything around him, from the physical environment to the behaviors even the emotions of both friends and enemies.<br><br>
            The player again picks up the crowbar of research scientist Gordon Freeman, who finds himself on an alien-infested Earth being picked to the bone, its resources depleted, its populace dwindling. Freeman is thrust into the unenviable role of rescuing the world from the wrong he unleashed back at Black Mesa. And a lot of people he cares about are counting on him.<br><br>
            The intense, real-time gameplay of Half-Life 2 is made possible only by Source&reg;, Valve's new proprietary engine technology. Source provides major enhancements in:<br><br>
            <ul>
            <li><span class=\"copyHead\">Characters:</span> Advanced facial animation system delivers the most sophisticated in-game characters ever seen. With 40 distinct facial \"muscles,\" human characters convey the full array of human emotion, and respond to the player with fluidity and intelligence.</li>
            <li><span class=\"copyHead\">Physics:</span> From pebbles to water to 2-ton trucks respond as expected, as they obey the laws of mass, friction, gravity, and buoyancy.</li>
            <li><span class=\"copyHead\">Graphics:</span> Source's shader-based renderer, like the one used at Pixar to create movies such as Toy Story&reg; and Monster's, Inc.&reg;, creates the most beautiful and realistic environments ever seen in a video game.</li>
            <li><span class=\"copyHead\">AI:</span> Neither friends nor enemies charge blindly into the fray. They can assess threats, navigate tricky terrain, and fashion weapons from whatever is at hand.</li>
            </ul>', supported_languages = 'English<strong>*</strong>, French<strong>*</strong>, German<strong>*</strong>, Italian<strong>*</strong>, Korean<strong>*</strong>, Spanish<strong>*</strong>, Russian<strong>*</strong>, Simplified Chinese<strong>*</strong>, Traditional Chinese<strong>*</strong>, Dutch, Danish, Finnish, Japanese, Norwegian, Polish, Portuguese, Swedish, Thai<strong>*</strong><br><strong>*</strong>languages with full audio support', header_image = 'http://cdn2.steampowered.com/v/gfx/apps/220/header.jpg?t=1369255063', website = 'http://www.half-life2.com' WHERE appid = 220";
walther
  • 13,466
  • 5
  • 41
  • 67
Marian Kosowski
  • 35
  • 1
  • 5

2 Answers2

1

I would highly recommend preparing over replacing single quotes.

Example:

<?php

//assuming $mysqli is a connected database

$mysqli->prepare("UPDATE steam_games SET description = ?, supported_languages = ?, header_image = ?, website = ? WHERE appid = ?");

$desc = <<<EOT

1998. HALF-LIFE sends a shock through the game industry with its combination of pounding action and continuous, immersive storytelling. Valve's debut title wins more than 50 game-of-the-year awards on its way to being named \"Best PC Game Ever\" by PC Gamer, and launches a franchise with more than eight million retail units sold worldwide.<br><br>
            NOW. By taking the suspense, challenge and visceral charge of the original, and adding startling new realism and responsiveness, Half-Life 2 opens the door to a world where the player's presence affects everything around him, from the physical environment to the behaviors even the emotions of both friends and enemies.<br><br>
            The player again picks up the crowbar of research scientist Gordon Freeman, who finds himself on an alien-infested Earth being picked to the bone, its resources depleted, its populace dwindling. Freeman is thrust into the unenviable role of rescuing the world from the wrong he unleashed back at Black Mesa. And a lot of people he cares about are counting on him.<br><br>
            The intense, real-time gameplay of Half-Life 2 is made possible only by Source&reg;, Valve's new proprietary engine technology. Source provides major enhancements in:<br><br>
            <ul>
            <li><span class=\"copyHead\">Characters:</span> Advanced facial animation system delivers the most sophisticated in-game characters ever seen. With 40 distinct facial \"muscles,\" human characters convey the full array of human emotion, and respond to the player with fluidity and intelligence.</li>
            <li><span class=\"copyHead\">Physics:</span> From pebbles to water to 2-ton trucks respond as expected, as they obey the laws of mass, friction, gravity, and buoyancy.</li>
            <li><span class=\"copyHead\">Graphics:</span> Source's shader-based renderer, like the one used at Pixar to create movies such as Toy Story&reg; and Monster's, Inc.&reg;, creates the most beautiful and realistic environments ever seen in a video game.</li>
            <li><span class=\"copyHead\">AI:</span> Neither friends nor enemies charge blindly into the fray. They can assess threats, navigate tricky terrain, and fashion weapons from whatever is at hand.</li>
            </ul>

EOT;

$languages = <<<EOT

English<strong>*</strong>, French<strong>*</strong>, German<strong>*</strong>, Italian<strong>*</strong>, Korean<strong>*</strong>, Spanish<strong>*</strong>, Russian<strong>*</strong>, Simplified Chinese<strong>*</strong>, Traditional Chinese<strong>*</strong>, Dutch, Danish, Finnish, Japanese, Norwegian, Polish, Portuguese, Swedish, Thai<strong>*</strong><br><strong>*</strong>languages with full audio support

EOT;

$header_img = "http://cdn2.steampowered.com/v/gfx/apps/220/header.jpg?t=1369255063";
$website    = "http://www.half-life2.com";
$appid      = 220;

$mysqli->bind("ssssi", $desc, $languages, $header_img, $website, $appid);
$mysqli->execute();

?>
Dave Chen
  • 10,887
  • 8
  • 39
  • 67
1

Actually, since I did give the first comments as to where the problem lay, this is worthy of an upvote, at the least.

You forgot to escape all the words that contain apostrophes.

In using $myString = str_replace("'", "\'", $sql);, as you stated in your comment and using that in order to "automate" things, you are replacing ALL apostrophes, where some of the apostrophes are needed, in both description = '1998 and </ul>' as well as in the rest of that same line.

The opening and closing apostrophes are NOT to be replaced by \', because this will throw you errors. 

$sql = "UPDATE steam_games SET description = '1998. HALF-LIFE sends a shock through the game industry with its combination of pounding action and continuous, immersive storytelling. Valve\'s debut title wins more than 50 game-of-the-year awards on its way to being named \"Best PC Game Ever\" by PC Gamer, and launches a franchise with more than eight million retail units sold worldwide.<br><br>
    NOW. By taking the suspense, challenge and visceral charge of the original, and adding startling new realism and responsiveness, Half-Life 2 opens the door to a world where the player\'s presence affects everything around him, from the physical environment to the behaviors even the emotions of both friends and enemies.<br><br>
    The player again picks up the crowbar of research scientist Gordon Freeman, who finds himself on an alien-infested Earth being picked to the bone, its resources depleted, its populace dwindling. Freeman is thrust into the unenviable role of rescuing the world from the wrong he unleashed back at Black Mesa. And a lot of people he cares about are counting on him.<br><br>
    The intense, real-time gameplay of Half-Life 2 is made possible only by Source&reg;, Valve\'s new proprietary engine technology. Source provides major enhancements in:<br><br>
    <ul>
    <li><span class=\"copyHead\">Characters:</span> Advanced facial animation system delivers the most sophisticated in-game characters ever seen. With 40 distinct facial \"muscles,\" human characters convey the full array of human emotion, and respond to the player with fluidity and intelligence.</li>
    <li><span class=\"copyHead\">Physics:</span> From pebbles to water to 2-ton trucks respond as expected, as they obey the laws of mass, friction, gravity, and buoyancy.</li>
    <li><span class=\"copyHead\">Graphics:</span> Source\'s shader-based renderer, like the one used at Pixar to create movies such as Toy Story&reg; and Monster\'s, Inc.&reg;, creates the most beautiful and realistic environments ever seen in a video game.</li>
    <li><span class=\"copyHead\">AI:</span> Neither friends nor enemies charge blindly into the fray. They can assess threats, navigate tricky terrain, and fashion weapons from whatever is at hand.</li>
    </ul>', supported_languages = 'English<strong>*</strong>, French<strong>*</strong>, German<strong>*</strong>, Italian<strong>*</strong>, Korean<strong>*</strong>, Spanish<strong>*</strong>, Russian<strong>*</strong>, Simplified Chinese<strong>*</strong>, Traditional Chinese<strong>*</strong>, Dutch, Danish, Finnish, Japanese, Norwegian, Polish, Portuguese, Swedish, Thai<strong>*</strong><br><strong>*</strong>languages with full audio support', header_image = 'http://cdn2.steampowered.com/v/gfx/apps/220/header.jpg?t=1369255063', website = 'http://www.half-life2.com' WHERE appid = 220";
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141