Jump to content


Photo

That pesky apostrophe!


  • Please log in to reply
4 replies to this topic

#1 DLR

DLR
  • Members
  • PipPipPip
  • Advanced Member
  • 66 posts
  • LocationJohannesburg, South Africa

Posted 29 May 2006 - 01:24 PM

Hi all, This one has me beat, and any help will be most appreciated. I've looked through past postings but I do not see any obvious solutions to this problem - although the apostrophe seems to create a fair share of them.

The problem is saving information that has an apostrophe.

My code, with comments:


$name = substr($_SESSION['testname'], 0,4); // in this case 'testname' is Shumba's Place
include "bb_conn.inc.php"; // connects to database fine

$check_dupe = "SELECT * FROM bb_places WHERE name LIKE '$name%'";
$result = mysql_query($check_dupe) or die(mysql_error());


?>
<p>
<form action = "test.php" size ="2" method="post">
<select name="mytest">

<?php
while ($row = mysql_fetch_array($result)) {
echo "<option value='" .$row['name']."'>" .$row['name']."</option>" . "\r\n";
}
?>
// two names are shown in the drop down select box , and Shumba's Place shows correctly- Shumba's Place
</select>
<input type="submit" value="TEST">
</form>

// the value for 'mytest' is Shumba (the " 's Place" has been lost). Why, when it shows correctly in the drop down list, does the information change?

I have experimented with stripslashes() and cannot find a resolution.

Help, please!

#2 Honoré

Honoré
  • Members
  • PipPipPip
  • Advanced Member
  • 66 posts
  • LocationAntwerp - Belgium

Posted 29 May 2006 - 02:04 PM

try with
$check_dupe = "SELECT * FROM bb_places WHERE name LIKE '" . mysql_real_escape_string($name) . "%'";


#3 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 29 May 2006 - 03:14 PM

The OP's problem is not with his mysql statement, although one should always use the mysql_real_escape_string() function on text that will be used in conjunction with data in the DB, the problem is occuring in the form. The OP is delimiting the value in the <option> tag with a single quote. The browser interpreting the HTML sees the single quote in the data and ends the value there. The rest of the value is ignored. To correct this problem you can do one of the following:
  • Use the addslashes() function to escape the quote:
    <?php  echo "<option value='" . addslashes($row['name']) . "'>" .$row['name']."</option>\r\n"; ?>
  • Use the htmlentities() function:
    <?php  echo "<option value='" . htmlentities($row['name'],ENT_QUOTES) . "'>" .$row['name'] . "</option>\r\n"; ?>
  • Switch the use of the single quote and double quotes:
    <?php  echo '<option value="' . $row['name'] . '">' . $row['name'] . "</option>\r\n"; ?>
Any one of the above coding changes should work.

Ken

#4 DLR

DLR
  • Members
  • PipPipPip
  • Advanced Member
  • 66 posts
  • LocationJohannesburg, South Africa

Posted 01 June 2006 - 08:34 PM

Thanks for the input Ken. I have spent the last few days trying all 3 ideas - and others - and I cannot get any of them to work. All have the same problem.

I even tried destroyingthe file and re-writing it to remove any "hidden" problems - still no success!

Should you have any other suggestions, they wil of course be welcome!
David

THanks for input. As Ken suggests, the problem does not seem to be here as the name displays with apostrophe in the drop down list.

I tried it as well, and it seems to make no difference.

#5 SacredProductions

SacredProductions
  • Members
  • Pip
  • Newbie
  • 8 posts

Posted 01 June 2006 - 10:57 PM

I think you should try to escape it with the ASCII version of the apostrophe, which is

& # 3 9;

(omit the spaces, I had to put them there so the forum could read it [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /] )

I had the same problem as you and this worked for me.

Hope this helped,
Ben




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users