Marcelc
-
Posts
3 -
Joined
-
Last visited
Posts posted by Marcelc
-
-
@Jacques1
Thanks a lot. That really helps with the my understanding of mysql_real_escape_string and to be honest, I've came to know escaping only recently as I want to pass apostrophe to the database. There is still so many things to learn
I ended up using addslashes() onto the input data and use splitslashes() when displaying the output. I believe this too is not a safe and concrete approach but as my app is not widely distributed I think for now it does the purpose.
On another note, I am interested in adopting modern approach on database function, leaving mysql_query behind. I tried to look around for tutorial but the information out there overwhelmed me and I don't know where to start. Any suggestion?
Thank you very much
P.S. I will love to upload my app here but I have trouble uploading (bad internet connection ) so I will do this soon
-
Note that my code still use the old mysql query and I am aware of that. I want to migrate it to mysqli soon but it will have to wait until I learn how to do so. Meanwhile, please help me with the code that I have now. Thank you
I've looked around the internet to find how to do this and I found two methods:
htmlspecialchars();
and
mysql_real_escape_string();
I wrapped my text into one of the two function in order to pass in text with apostrophe in it to the database.
However I encountered a problem.
With mysql_real_escape_string, I got the desired effect that I want but the problem is that, the function also apply its effect onto html img tag. So <img src="test"> turns into <img src=/"test/"> and therefore images (and also links) will not appear.
With htmlspecialchars, again I got the desired function that I want which is to pass in apostrophe into the database. The problem with this is that when I pull the data out from the database and echo it onto my page, it doesn't render and show as a plain html code.
What confuse me a lot is that, it works fine inside my localhost.
Please help
Thank you!
[HELP] PHP Apostrophe in Text Area
in PHP Coding Help
Posted · Edited by Marcelc
Indeed the code is not ready. The app serves as a way for me to learn, study and explore different aspects of coding and this is a part of it.
Thank you very much for your help
I'll look up PDO, SQL-escaping and HTML-escaping and figure out how to implement those into my code. I'll look forward to update you with progress!
Thank you again