timmah1 Posted January 2, 2009 Share Posted January 2, 2009 I'm trying to allow the users to be able to write their own description of things. The problem is, if they put ' or ", it don't go into the database. I have this $hint = mysql_real_escape_string($_POST['hint'][$i]); $hint = addslashes($_POST['hint'][$i]); but it's inserting the ' or " or anything after those characters. How can I get these inserted? Thanks in advance Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/ Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 i would combine the vars... $hint = mysql_real_escape_string(addslashes($_POST['hint'][$i])) Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728149 Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728152 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, I'm sorry, it is inserting into the database, but when it's retrieved into the text box, it don't show correctly in the text box. Right now, I have this in the database Order tonight\'s special But when it's pulled back out into the text box, it only shows Order tonight How can I show it correctly? I tried this $hint = stripslashes($a[hint]); Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728153 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, i'll change it too $hint = mysql_real_escape_string(addslashes($_POST['hint'][$i])) Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728155 Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728156 Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 oh i see why not... mysql_real_escape_string prepends slashes... so the addslashes is not needed Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728162 Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... <?php echo mysql_real_escape_string(addslashes("Some random stuff ' ")); ?> OUTPUT: Some random stuff \\\' It completely wrecks your backslashes by using both of them. Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728165 Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... <?php echo mysql_real_escape_string(addslashes("Some random stuff ' ")); ?> OUTPUT: Some random stuff \\\' It completely wrecks your backslashes by using both of them. Thanks! Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728168 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, now how about displaying the information into the text box? Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728171 Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 try just using this $hint = mysql_real_escape_string($_POST['hint'][$i]); Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728175 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, I'm sorry, it is inserting into the database, but when it's retrieved into the text box, it don't show correctly in the text box. Right now, I have this in the database Order tonight\'s special But when it's pulled back out into the text box, it only shows Order tonight How can I show it correctly? I tried this $hint = stripslashes($a[hint]); Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728181 Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Can I see your code for putting it back into the textbox? I'm 99% sure that you have it as a value="" attribute on a tag and you're not encoding the quote, so it's breaking the HTML. Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728184 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 your right echo "<input type='text' class='textfield' size='50' name='hint[]' value='$a[hint]'> </td>"; Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728185 Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok I have it fixed, thanks DarkWater $hint = stripslashes($a['hint']); echo "<input type='text' class='textfield' size='50' name='hint[]' value='", htmlentities($hint, ENT_QUOTES), "'> </td>"; Link to comment https://forums.phpfreaks.com/topic/139213-solved-special-characters/#findComment-728193 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.