Cannot enter a apostrophe into my database

lice200 · June 10, 2006

Hi,

When i try to enter a apostrophe into my Text Field then submit it to a database the text will not show up.

Database Structure:
Link_ID Int(11) Not Null Auto_increment
Link_Text Text Not null

Example: Without Apostrophe
I like php

Link_ID: 1
Link_Text: I like php
----------------------------------

Example: With Apostrophe
I like php'

Link_ID: 2
Link_Text:
----------------------------------

I don't understand why it's doing this. Can you help me find a solution?

-Lice

.josh · June 10, 2006

try doing \'

lice200 · June 10, 2006

[!--quoteo(post=382172:date=Jun 10 2006, 03:04 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 10 2006, 03:04 AM) [snapback]382172[/snapback][/div][div class=\'quotemain\'][!--quotec--]
try doing \'
[/quote]

Thanks for the help.

That will not work. You have to understand that I have to enter alot of these per day. Many of them have a apostrophe. Adding a \ to every single one would be to time consuming...

Is there any other way I can have done for me?

radalin · June 10, 2006

yes, there is function for that in php.

$searchstring = str_replace ("\'","'",$searchstring) ;

this function will replace all " ' " with a " \' " and by this way your query will not blow up.

lice200 · June 10, 2006

[!--quoteo(post=382182:date=Jun 10 2006, 03:36 AM:name=radalin)--][div class=\'quotetop\']QUOTE(radalin @ Jun 10 2006, 03:36 AM) [snapback]382182[/snapback][/div][div class=\'quotemain\'][!--quotec--]
yes, there is function for that in php.

$searchstring = str_replace ("\'","'",$searchstring) ;

this function will replace all " ' " with a " \' " and by this way your query will not blow up.
[/quote]

Where do i put this?

wildteen88 · June 10, 2006

You can just use addslashes (when data is entered into the database) and stripslashes (when data is pullout of the database).

addslashes will escape any double or single quotes in the data you have submitted automatically, and stripslashes does the opposite, which is remove the slashes addslashes added.

lice200 · June 10, 2006

I'm here because im a noob, you can tell me what todo, but it doesnt help if i dont know how todo it.

Please take the time to explain it to me.

kenrbnsn · June 10, 2006

Use the function [a href=\"http://www.php.net/mysql_real_escape_string\" target=\"_blank\"]mysql_real_escape_string()[/a] instead of [a href=\"http://www.php.net/addslashes\" target=\"_blank\"]addslashes()[/a]. The former will work with multi-byte characters and it will quote more characters that can cause problems with mysql than the latter. Also, I have found that you don't have to remember to use the funtion [a href=\"http://www.php.net/stripslashes\" target=\"_blank\"]stripslashes()[/a] when retrieving the data from the database.

Ken

radalin · June 10, 2006

you have form don't you. And you have a php form that makes an insert into the db.

you are taking a value like :
[code]
$value = $_GET['value'];
[/code]
and then inserting it something like:
[code]
mysql_query("INSERT INTO .... values ('$value')");
[/code]

you have to insert addlashes or mysql_real_escape_string or str_replace or whatever you intend to do before sending it to the query so your code should like:
[code]
$value = $_GET['value'];
$value = addlashes($value);
mysql_query("INSERT INTO.... VALUES('$value')");
[/code]
Got that?

lice200 · June 12, 2006

Okay this is my code now

[code]    $link_title = $_POST['link_title'];
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();[/code]

This is what i tried...

[code]    $link_title = $_POST['link_title'];
    $strreplace = str_replace ("\'","'",$link_title);
    $link_link = $_POST['link_link'];
    $link_date = $_POST['link_date'];
    $link_sfw = $_POST['link_sfw'];
        $query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$strreplace', '$link_link', '$link_date', '$link_sfw')");
        mysql_query($query);
        mysql_close();[/code]

Sorry for the touble. I just don't understand how it works...

.josh · June 12, 2006

[code]
$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();
[/code]

lice200 · June 12, 2006

[!--quoteo(post=382775:date=Jun 12 2006, 02:39 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 12 2006, 02:39 AM) [snapback]382775[/snapback][/div][div class=\'quotemain\'][!--quotec--]
[code]
$link_title = mysql_real_escape_string($_POST['link_title']);
$link_link = mysql_real_escape_string($_POST['link_link']);
$link_date = mysql_real_escape_string($_POST['link_date']);
$link_sfw = mysql_real_escape_string($_POST['link_sfw']);

$query = ("INSERT INTO archive (link_title,link_link,link_date,link_sfw) VALUES ('$link_title', '$link_link', '$link_date', '$link_sfw')");

mysql_query($query);
mysql_close();
[/code]
[/quote]

Thanks ^^

Sign In

Cannot enter a apostrophe into my database

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information