stormcloud Posted November 2, 2008 Share Posted November 2, 2008 Ok, so i'm not really THAT experienced in the php side of things. I am better at editing/manipulating it than i am at actually writing it. I have put together a simple cms for sites that i design, and all has been working BEAUTIFULLY.... until my hosting provider upgraded all new hosting accounts to PHP5. The main issue i am having at the moment, is all because of this little sucker --> ' <-- The content editing section of my cms uses TinyMCE, and in PHP5, all it takes is one apostrophe in the content, and it all turns to crap, it won't add the content to the database. This is one of MANY problems i am having with PHP5 which i keep getting told is "mostly backwards compatible". Is there something i should be looking for within my code to solve these issues? I have read migrating manuals and tips and can't seem to see where i'm going wrong. Thanks in advance to anyone who read all of this and cares to answer! Link to comment https://forums.phpfreaks.com/topic/131049-php5-is-driving-me-mad/ Share on other sites More sharing options...
trq Posted November 2, 2008 Share Posted November 2, 2008 Sounds like your old code was relying on the magic quotes being enabled. You need to esacpe all data going into a database, using mysql_real_escape_string would be the prefered method. Link to comment https://forums.phpfreaks.com/topic/131049-php5-is-driving-me-mad/#findComment-680393 Share on other sites More sharing options...
stormcloud Posted November 2, 2008 Author Share Posted November 2, 2008 // add new content to the database $result = mysql_query("insert into $database_table (content_id, month, day2, year, content, title, page_id) values(null,'$month','$day2','$year','$content','$title','$page')",$db) or die_now("<h2>Could not add content to database table</h2><p>Check database structure</p>"); Where in this code would that line apply? I;ve tried a few examples but can't get it to work. Cheers. Link to comment https://forums.phpfreaks.com/topic/131049-php5-is-driving-me-mad/#findComment-680400 Share on other sites More sharing options...
chronister Posted November 2, 2008 Share Posted November 2, 2008 // add new content to the database $clean_content = mysql_real_escape_string($content); $clean_title = mysql_real_escape_string($title); $result = mysql_query("insert into $database_table (content_id, month, day2, year, content, title, page_id) values(null,'$month','$day2','$year','$clean_content','$clean_title','$page')",$db) or die_now("<h2>Could not add content to database table</h2><p>Check database structure</p>"); This is the first couple places I would apply it to... if any of the other variables could have an apostrophe, then add it there too. When pulling the information back out, you will then want to use strip_slashes(); to remove the apostrophe so it don't get displayed. Nate Link to comment https://forums.phpfreaks.com/topic/131049-php5-is-driving-me-mad/#findComment-680405 Share on other sites More sharing options...
trq Posted November 2, 2008 Share Posted November 2, 2008 When pulling the information back out, you will then want to use strip_slashes(); to remove the apostrophe so it don't get displayed. There should be no need to strip any slashes from the output. If your data is escaped properly, the slashes will not be stored. They are only there to aid your query. Link to comment https://forums.phpfreaks.com/topic/131049-php5-is-driving-me-mad/#findComment-680411 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.