You shouldn't have to use the quote function in this case. Because you're using the Zend_Db_Table adapter ($db->insert and $db->update) the data from your array is already escaped. Most likely this is adding an extra set of quotes before inserting or updating the data. Hope this helps.
zend db quote (escape) on insert array adds quotes to string
-
14-06-2023 - |
Question
I am inserting an array into my dbatabase using Zend and I am trying to use the $zenddb->quote($string) function to escape my values, but it is adding quotes into the strings, so the quotes are still there in the database after I insert it. Am I using it incorrectly?
$data['tournament_id'] = $this->zdb->quote($_POST['winners_tournament_id']);
$data['user_id'] = $this->zdb->quote($_SESSION['user']);
$data['user_name'] = $this->zdb->quote($_SESSION['first_name']);
$insert = $this->zdb->insert("submitters", $data);
//print_r($data) looks like this:
Array
(
[tournament_id] => '55'
[user_id] => '2182609'
[user_name] => 'eric'
)
The strings are being inserted with quotes around them, and the numbers are being inserted as 0 (zero). When I remove $zenddb->quote(), it works fine. But then how do I escape them properly.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow