Jump to content

Archived

This topic is now archived and is closed to further replies.

DLR

That pesky apostrophe!

Recommended Posts

Hi all, This one has me beat, and any help will be most appreciated. I've looked through past postings but I do not see any obvious solutions to this problem - although the apostrophe seems to create a fair share of them.

The problem is saving information that has an apostrophe.

My code, with comments:


$name = substr($_SESSION['testname'], 0,4); // in this case 'testname' is Shumba's Place
include "bb_conn.inc.php"; // connects to database fine

$check_dupe = "SELECT * FROM bb_places WHERE name LIKE '$name%'";
$result = mysql_query($check_dupe) or die(mysql_error());


?>
<p>
<form action = "test.php" size ="2" method="post">
<select name="mytest">

<?php
while ($row = mysql_fetch_array($result)) {
echo "<option value='" .$row['name']."'>" .$row['name']."</option>" . "\r\n";
}
?>
// two names are shown in the drop down select box , and Shumba's Place shows correctly- Shumba's Place
</select>
<input type="submit" value="TEST">
</form>

// the value for 'mytest' is Shumba (the " 's Place" has been lost). Why, when it shows correctly in the drop down list, does the information change?

I have experimented with stripslashes() and cannot find a resolution.

Help, please!

Share this post


Link to post
Share on other sites
try with
[code]
$check_dupe = "SELECT * FROM bb_places WHERE name LIKE '" . mysql_real_escape_string($name) . "%'";
[/code]

Share this post


Link to post
Share on other sites
The OP's problem is not with his mysql statement, although one should always use the mysql_real_escape_string() function on text that will be used in conjunction with data in the DB, the problem is occuring in the form. The OP is delimiting the value in the <option> tag with a single quote. The browser interpreting the HTML sees the single quote in the data and ends the value there. The rest of the value is ignored. To correct this problem you can do one of the following:[list][*]Use the addslashes() function to escape the quote:
[code]<?php  echo "<option value='" . addslashes($row['name']) . "'>" .$row['name']."</option>\r\n"; ?>[/code][*]Use the htmlentities() function:
[code]<?php  echo "<option value='" . htmlentities($row['name'],ENT_QUOTES) . "'>" .$row['name'] . "</option>\r\n"; ?>[/code][*]Switch the use of the single quote and double quotes:
[code]<?php  echo '<option value="' . $row['name'] . '">' . $row['name'] . "</option>\r\n"; ?>[/code][/list]
Any one of the above coding changes should work.

Ken

Share this post


Link to post
Share on other sites
Thanks for the input Ken. I have spent the last few days trying all 3 ideas - and others - and I cannot get any of them to work. All have the same problem.

I even tried destroyingthe file and re-writing it to remove any "hidden" problems - still no success!

Should you have any other suggestions, they wil of course be welcome!
David

THanks for input. As Ken suggests, the problem does not seem to be here as the name displays with apostrophe in the drop down list.

I tried it as well, and it seems to make no difference.

Share this post


Link to post
Share on other sites
I think you should try to escape it with the ASCII version of the apostrophe, which is

[code]
& # 3 9;
[/code]

(omit the spaces, I had to put them there so the forum could read it [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /] )

I had the same problem as you and this worked for me.

Hope this helped,
Ben

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.