Zeradin Posted September 4, 2008 Share Posted September 4, 2008 I am trying to update a field in my sql table from an html form like this: if ($pblurb != NULL) { $pblurbquery = 'UPDATE users SET pblurb = "'.$pblurb.'" WHERE username = "'.$username.'"'; $pblurbresult=mysql_query($pblurbquery); but i want the input to allow html tags. When they are included in the form i get a return code 4 and it does not change the entry. how do i allow for html in my input? i know this is probably a common problem but sifting through all the replies that sound kind of like this is proving to be difficult. thanks! Quote Link to comment Share on other sites More sharing options...
Mchl Posted September 4, 2008 Share Posted September 4, 2008 use mysql_real_escape_string() on $pblurb before composing a query Quote Link to comment Share on other sites More sharing options...
Zeradin Posted September 4, 2008 Author Share Posted September 4, 2008 if ($pblurb != NULL) { mysql_real_escape_string($pblurb); $pblurbquery = 'UPDATE users SET pblurb = "'.$pblurb.'" WHERE username = "'.$username.'"'; $pblurbresult=mysql_query($pblurbquery); } ^ That did not work. Did I not understand properly? Quote Link to comment Share on other sites More sharing options...
Mchl Posted September 5, 2008 Share Posted September 5, 2008 $pblurbEscaped = mysql_real_escape_string($pblurb); $pblurbquery = 'UPDATE users SET pblurb = "'.$pblurbEscaped.'" WHERE username = "'.$username.'"'; Quote Link to comment Share on other sites More sharing options...
Zeradin Posted September 5, 2008 Author Share Posted September 5, 2008 EDIT wait no! I still get a return code:4 and the changes aren't made, wtf this is my input This is my <b>profile blurb</b>. Quote Link to comment Share on other sites More sharing options...
Mchl Posted September 5, 2008 Share Posted September 5, 2008 Do this: if(!$pblurbresult=mysql_query($pblurbquery)) echo mysql_error(); this will display any mysql errors And problem with query $pblurbquery = "UPDATE users SET pblurb = '$pblurbEscaped' WHERE username = '$username'"; Quote Link to comment Share on other sites More sharing options...
Zeradin Posted September 5, 2008 Author Share Posted September 5, 2008 if ($pblurb != NULL) { $pblurbEscaped = mysql_real_escape_string($pblurb); $pblurbquery = "UPDATE users SET pblurb = '$pblurbEscaped' WHERE username = '$username'"; $pblurbresult=mysql_query($pblurbquery); if(!$pblurbresult=mysql_query($pblurbquery)) echo mysql_error(); } that didn't do anything differently =( Quote Link to comment Share on other sites More sharing options...
Mchl Posted September 5, 2008 Share Posted September 5, 2008 if ($pblurb != NULL) { $pblurbEscaped = mysql_real_escape_string($pblurb); $pblurbquery = "UPDATE users SET pblurb = '$pblurbEscaped' WHERE username = '$username'"; if(!$pblurbresult=mysql_query($pblurbquery)) echo mysql_error(); } Try echo $pblurbquery; to see if query is well formed Quote Link to comment Share on other sites More sharing options...
fenway Posted September 5, 2008 Share Posted September 5, 2008 Try echo $pblurbquery; to see if query is well formed That should always be the FIRST thing you do. Quote Link to comment Share on other sites More sharing options...
Zeradin Posted September 5, 2008 Author Share Posted September 5, 2008 UPDATE users SET pblurb = "This is my profile blurb. I\'m worried quotes are a problem." WHERE id = 7Return Code: 4 when it shows the profile blurb it puts it in bold... shit i took the bold tag out and it still has the error, it's obviously another problem. i changed it to id to make it more simple as well Quote Link to comment Share on other sites More sharing options...
Zeradin Posted September 5, 2008 Author Share Posted September 5, 2008 Hey! I still get the return code, but it works now! good enough! Thanks guys! This place should have a thanks counter of user names, you guys help a lot. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.