Jump to content

Cannot enter a apostrophe into my database

lice200

By lice200
in PHP Coding Help

 Share

Recommended Posts

lice200 Newbie

lice200

Posted
Posted
Hi,

When i try to enter a apostrophe into my Text Field then submit it to a database the text will not show up.

Database Structure:
Link_ID Int(11) Not Null Auto_increment
Link_Text Text Not null

Example: Without Apostrophe
I like php

Link_ID: 1
Link_Text: I like php
----------------------------------

Example: With Apostrophe
I like php'

Link_ID: 2
Link_Text:
----------------------------------


I don't understand why it's doing this. Can you help me find a solution?

-Lice
lice200 Newbie

lice200

Posted
  • Author
Posted
[!--quoteo(post=382172:date=Jun 10 2006, 03:04 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 10 2006, 03:04 AM) [snapback]382172[/snapback][/div][div class=\'quotemain\'][!--quotec--]
try doing \'
[/quote]

Thanks for the help.

That will not work. You have to understand that I have to enter alot of these per day. Many of them have a apostrophe. Adding a \ to every single one would be to time consuming...

Is there any other way I can have done for me?
lice200 Newbie

lice200

Posted
  • Author
Posted
[!--quoteo(post=382182:date=Jun 10 2006, 03:36 AM:name=radalin)--][div class=\'quotetop\']QUOTE(radalin @ Jun 10 2006, 03:36 AM) [snapback]382182[/snapback][/div][div class=\'quotemain\'][!--quotec--]
yes, there is function for that in php.

$searchstring = str_replace ("\'","'",$searchstring) ;

this function will replace all " ' " with a " \' " and by this way your query will not blow up.
[/quote]


Where do i put this?
wildteen88 Regular Member

wildteen88

Posted
Posted
You can just use addslashes (when data is entered into the database) and stripslashes (when data is pullout of the database).

addslashes will escape any double or single quotes in the data you have submitted automatically, and stripslashes does the opposite, which is remove the slashes addslashes added.
kenrbnsn Regular Member

kenrbnsn

Posted
Posted
Use the function [a href=\"http://www.php.net/mysql_real_escape_string\" target=\"_blank\"]mysql_real_escape_string()[/a] instead of [a href=\"http://www.php.net/addslashes\" target=\"_blank\"]addslashes()[/a]. The former will work with multi-byte characters and it will quote more characters that can cause problems with mysql than the latter. Also, I have found that you don't have to remember to use the funtion [a href=\"http://www.php.net/stripslashes\" target=\"_blank\"]stripslashes()[/a] when retrieving the data from the database.

Ken
radalin Member

radalin

Posted
Posted
you have form don't you. And you have a php form that makes an insert into the db.

you are taking a value like :
[code]
$value = $_GET['value'];
[/code]
and then inserting it something like:
[code]
mysql_query("INSERT INTO .... values ('$value')");
[/code]

you have to insert addlashes or mysql_real_escape_string or str_replace or whatever you intend to do before sending it to the query so your code should like:
[code]
$value = $_GET['value'];
$value = addlashes($value);
mysql_query("INSERT INTO.... VALUES('$value')");
[/code]
Got that?
lice200 Newbie

lice200

Posted
  • Author
Posted
Okay this is my code now

[code]    $link_title = $_POST['link_title'];
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();[/code]

This is what i tried...

[code]    $link_title = $_POST['link_title'];
    $strreplace = str_replace ("\'","'",$link_title);
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$strreplace', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();[/code]

Sorry for the touble. I just don't understand how it works...
.josh Advanced Member

.josh

Posted
Posted
[code]
$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();
[/code]
lice200 Newbie

lice200

Posted
  • Author
Posted
[!--quoteo(post=382775:date=Jun 12 2006, 02:39 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 12 2006, 02:39 AM) [snapback]382775[/snapback][/div][div class=\'quotemain\'][!--quotec--]
[code]
$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();
[/code]
[/quote]

Thanks ^^
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.