I'm making a scraper in which the user can create templates in which he/she controls what is scraped, the Template editor will store the XPath Locations as I can use the XPath Alongside DOMDocument. the PHP Script I Currently Have for Storing the Queries Is:
<?php
$mysql = new mysqli("*****" , "*****" , "*****" , "price_scraper");
$prod_name = $mysql->real_escape_string($_POST['name']);
$prod_price = $mysql->real_escape_string($_POST['price']);
$prod_stock = $mysql->real_escape_string($_POST['stock']);
$prod_desc = $mysql->real_escape_string($_POST['description']);
$prod_image = $mysql->real_escape_string($_POST['image']);
$prod_styles = $mysql->real_escape_string($_POST['styles']);
$prod_offer_prices = $mysql->real_escape_string($_POST['offer_price']);
$prod_man_ref = $mysql->real_escape_string($_POST['man_ref']);
$prod_specs = $mysql->real_escape_string($_POST['specs']);
$website_id = $mysql->real_escape_string($_POST['site_id']);
$query = "INSERT INTO `scraper_templates` (`product_name` , `product_price` , `product_stock` , `product_description` , `product_image` , `product_styles` , `product_offer_prices` , `product_man_ref` , `product_specs` , `website_id`) VALUES ('$prod_name' , '$prod_price' , '$prod_stock' , '$prod_desc' , '$prod_image' , '$prod_styles' , '$prod_offer_prices' , '$prod_man_ref' , '$prod_specs' , '$website_id')";
$q = $mysql->query($query);
if($q){
die("1");
}else{
die("0");
}
?>
When I come to Insert the XPath Values into the Database the database all the Rows are empty. I thought escaping the string would solve the problem but thats not the case.