Jump to content


Photo

Cannot enter a apostrophe into my database


  • Please log in to reply
11 replies to this topic

#1 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 10 June 2006 - 08:00 AM

Hi,

When i try to enter a apostrophe into my Text Field then submit it to a database the text will not show up.

Database Structure:
Link_ID Int(11) Not Null Auto_increment
Link_Text Text Not null

Example: Without Apostrophe
I like php

Link_ID: 1
Link_Text: I like php
----------------------------------

Example: With Apostrophe
I like php'

Link_ID: 2
Link_Text:
----------------------------------


I don't understand why it's doing this. Can you help me find a solution?

-Lice

#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 10 June 2006 - 08:04 AM

try doing \'


Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 10 June 2006 - 08:15 AM

[!--quoteo(post=382172:date=Jun 10 2006, 03:04 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 10 2006, 03:04 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
try doing \'
[/quote]

Thanks for the help.

That will not work. You have to understand that I have to enter alot of these per day. Many of them have a apostrophe. Adding a \ to every single one would be to time consuming...

Is there any other way I can have done for me?

#4 radalin

radalin
  • Members
  • PipPipPip
  • Advanced Member
  • 179 posts

Posted 10 June 2006 - 08:36 AM

yes, there is function for that in php.

$searchstring = str_replace ("\'","'",$searchstring) ;

this function will replace all " ' " with a " \' " and by this way your query will not blow up.
Roy Simkes
Yet Another Parkyeri Developer

#5 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 10 June 2006 - 11:09 AM

[!--quoteo(post=382182:date=Jun 10 2006, 03:36 AM:name=radalin)--][div class=\'quotetop\']QUOTE(radalin @ Jun 10 2006, 03:36 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
yes, there is function for that in php.

$searchstring = str_replace ("\'","'",$searchstring) ;

this function will replace all " ' " with a " \' " and by this way your query will not blow up.
[/quote]


Where do i put this?

#6 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 10 June 2006 - 11:18 AM

You can just use addslashes (when data is entered into the database) and stripslashes (when data is pullout of the database).

addslashes will escape any double or single quotes in the data you have submitted automatically, and stripslashes does the opposite, which is remove the slashes addslashes added.

#7 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 10 June 2006 - 11:52 AM

I'm here because im a noob, you can tell me what todo, but it doesnt help if i dont know how todo it.

Please take the time to explain it to me.

#8 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 10 June 2006 - 11:55 AM

Use the function [a href=\"http://www.php.net/mysql_real_escape_string\" target=\"_blank\"]mysql_real_escape_string()[/a] instead of [a href=\"http://www.php.net/addslashes\" target=\"_blank\"]addslashes()[/a]. The former will work with multi-byte characters and it will quote more characters that can cause problems with mysql than the latter. Also, I have found that you don't have to remember to use the funtion [a href=\"http://www.php.net/stripslashes\" target=\"_blank\"]stripslashes()[/a] when retrieving the data from the database.

Ken

#9 radalin

radalin
  • Members
  • PipPipPip
  • Advanced Member
  • 179 posts

Posted 10 June 2006 - 12:49 PM

you have form don't you. And you have a php form that makes an insert into the db.

you are taking a value like :
$value = $_GET['value'];
and then inserting it something like:
mysql_query("INSERT INTO .... values ('$value')");

you have to insert addlashes or mysql_real_escape_string or str_replace or whatever you intend to do before sending it to the query so your code should like:
$value = $_GET['value'];
$value = addlashes($value); 
mysql_query("INSERT INTO.... VALUES('$value')");
Got that?
Roy Simkes
Yet Another Parkyeri Developer

#10 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 12 June 2006 - 06:32 AM

Okay this is my code now

    $link_title = $_POST['link_title'];
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();

This is what i tried...

    $link_title = $_POST['link_title'];
    $strreplace = str_replace ("\'","'",$link_title);
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$strreplace', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();

Sorry for the touble. I just don't understand how it works...

#11 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 12 June 2006 - 07:39 AM

$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();

Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#12 lice200

lice200
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 12 June 2006 - 07:40 AM

[!--quoteo(post=382775:date=Jun 12 2006, 02:39 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 12 2006, 02:39 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();
[/quote]

Thanks ^^





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users