coutts Posted September 26, 2008 Share Posted September 26, 2008 <td><input size='25' maxlength='255' name='title' type='text' value='You're the One for Me'/></td> Hi The code above is html generated from an SQL query. As you can see in the value field there is a ' single quote which is ending the value at YOU, not the whole song title. Can anyone suggest how to fix this. The SQL table has You're the One for Me successfully added to the record and I am using single and double quotes in the php to avoid confusion there like this echo( "<tr><td>Song Title</td><td>" . "<input size='25' maxlength='255' name='title' type='text'" . "value='" . $row["title"] . "'/>" . "</td></tr>" ); Thanks Robert Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/ Share on other sites More sharing options...
mysqldba Posted September 26, 2008 Share Posted September 26, 2008 http://uk2.php.net/addslashes ? i.e. addslashes( $row['title'] ) Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651307 Share on other sites More sharing options...
coutts Posted September 26, 2008 Author Share Posted September 26, 2008 Please excuse me if I am being dense but - I tried adding addslashes as you prescribed to the page that was displaying the truncated song title and what I then got was You\ and the rest truncated becasue the html code returned was <td><input size='25' maxlength='255' name='title' type='text' value='You\'re the One for Me'/></td> I also thought maybe it was meant to make your data entry page put as slash before the ' but that wasnt it either. I must be missing something here Robert Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651369 Share on other sites More sharing options...
CroNiX Posted September 26, 2008 Share Posted September 26, 2008 When you are putting data in the database, use addslashes() (or better yet mysql_real_escape_string) and when you retrieve data use stripslashes() to remove them. Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651394 Share on other sites More sharing options...
Barand Posted September 26, 2008 Share Posted September 26, 2008 If you are using addslashes or mysql_real_escape_string correctly there should be no need to remove slashes when you retrieve the data from the db Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651566 Share on other sites More sharing options...
coutts Posted September 27, 2008 Author Share Posted September 27, 2008 Good Morning: Well I tried as suggested I added slashes and stripped slashes and the title was still truncated and really I couldnt see how that would fix the problem. I do understand the idea behind slashes or escaping out characters that could be harmful if just anyone can add them to create an SQL statement rather than just adding data. However in this case the problem is really in the html statement, but I'm posting this in the SQL forum because it is a direct result of SQL. When the song title YOU'RE THE ONE is displayed in say a table like this: <tr><td>YOU'RE THE ONE</td></tr> that is fine - no problem but when it is displayed in a input tag like this: <tr><td><input size='25' maxlength='255' name='title' type='text' value='You're the One'/>YOU'RE THE ONE</td></tr> then the ' after YOU ends that field and the song title displays as YOU not YOU'RE THE ONE and this makes perfect sense - if I were writing this as HTML I would see that extra ' and remove it as a mistake. The thing is even if I add and remove an escape slash that does not change the fact that the ' after YOU is still there and HTML-wise it is still a mistake. The only way I have temporarily fixed this is to use ' in the song title but it isnt very slick telling users to use ' Does this long explanation change what anyone thinks is the right approach Thanks Robert Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651847 Share on other sites More sharing options...
Barand Posted September 27, 2008 Share Posted September 27, 2008 use " <input size='25' maxlength='255' name='title' type='text' value="You're the One"/> Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651849 Share on other sites More sharing options...
coutts Posted September 27, 2008 Author Share Posted September 27, 2008 Hi OK my problem with double quoting the song title value is that since this is written on the fly with this code echo( "<tr><td>Song Title</td><td>" . "<input size='25' maxlength='255' name='title' type='text'" . " value='" . $row["title"] . "'/>" . "</td></tr>" ); I would have to change it to ????. I can't see how to change this to make it write double quotes in the html without doing something like . " value="" . $row["title"] . ""/>" and the two double quotes would, I believe, get me in trouble too. Right? So is there another way of writing the code above to achieve the HTML that Barand is suggesting ie double quotes on the song title Thanks Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651878 Share on other sites More sharing options...
Barand Posted September 27, 2008 Share Posted September 27, 2008 echo "<tr><td>Song Title</td><td><input size='25' maxlength='255' name='title' type='text' value=\"{$row['title']}\" /></td></tr>" ; Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651898 Share on other sites More sharing options...
coutts Posted September 27, 2008 Author Share Posted September 27, 2008 Thanks that is perfect Quote Link to comment https://forums.phpfreaks.com/topic/125949-solved-single-quotes-getting-overused-and-confusing/#findComment-651965 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.