Hi I am having problems adding E-mail to the database using ALTER TABLE. All other column names are added ok, but as soon as there is – inside the name, the column is not added. Can you help me out please? Thanks! mysql_query("ALTER TABLE Customers ADD $ColumnName $ColumnType"); Code (markup):
I'm assuming this is PHP, if so it should have been posted there. If so you problem show what the variables are, unless they are global variables. Anyhow you should problem filter what is injected into your database for security reasons and for issues like now. What I can think of is to use backticks but thats not ANSI complaint so since it looks like you are using php try mysql_query("ALTER TABLE Customers ADD mysql_real_escape_string($ColumnName), $ColumnType"); Code (markup):
I do that already when defining the $ColumnName. So when I use it in mysql_query it is already "escaped". I don't think the problem is in php because all other column names are inserted normally. The only problem is with names that contain - character. Any idea what could be wrong? Thank you!
The problem is more than likely with your PHP because a hyphen(-) needs to be escaped. But could also be how your MySql is configured because Having a hyphen in the table name is a bad idea because its a nonstandard table name. If I were you I would filter and change hyphen (-) to an underscore (_). Backticks could work to, but like I said it is also non-standard code. You could also try addslashes() You should post how you escape the variable $ColumnName
I'll do that. I was hoping I won't have to change that and then change it back everytime column name is shown...