timmah1 Posted January 2, 2009 Share Posted January 2, 2009 I'm trying to allow the users to be able to write their own description of things. The problem is, if they put ' or ", it don't go into the database. I have this $hint = mysql_real_escape_string($_POST['hint'][$i]); $hint = addslashes($_POST['hint'][$i]); but it's inserting the ' or " or anything after those characters. How can I get these inserted? Thanks in advance Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 i would combine the vars... $hint = mysql_real_escape_string(addslashes($_POST['hint'][$i])) Quote Link to comment Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, I'm sorry, it is inserting into the database, but when it's retrieved into the text box, it don't show correctly in the text box. Right now, I have this in the database Order tonight\'s special But when it's pulled back out into the text box, it only shows Order tonight How can I show it correctly? I tried this $hint = stripslashes($a[hint]); Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, i'll change it too $hint = mysql_real_escape_string(addslashes($_POST['hint'][$i])) Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 oh i see why not... mysql_real_escape_string prepends slashes... so the addslashes is not needed Quote Link to comment Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... <?php echo mysql_real_escape_string(addslashes("Some random stuff ' ")); ?> OUTPUT: Some random stuff \\\' It completely wrecks your backslashes by using both of them. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 Don't use mysql_real_escape_string() AND addslashes(). Use the former. Why not? just wondering... <?php echo mysql_real_escape_string(addslashes("Some random stuff ' ")); ?> OUTPUT: Some random stuff \\\' It completely wrecks your backslashes by using both of them. Thanks! Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, now how about displaying the information into the text box? Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted January 2, 2009 Share Posted January 2, 2009 try just using this $hint = mysql_real_escape_string($_POST['hint'][$i]); Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok, I'm sorry, it is inserting into the database, but when it's retrieved into the text box, it don't show correctly in the text box. Right now, I have this in the database Order tonight\'s special But when it's pulled back out into the text box, it only shows Order tonight How can I show it correctly? I tried this $hint = stripslashes($a[hint]); Quote Link to comment Share on other sites More sharing options...
DarkWater Posted January 2, 2009 Share Posted January 2, 2009 Can I see your code for putting it back into the textbox? I'm 99% sure that you have it as a value="" attribute on a tag and you're not encoding the quote, so it's breaking the HTML. Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 your right echo "<input type='text' class='textfield' size='50' name='hint[]' value='$a[hint]'> </td>"; Quote Link to comment Share on other sites More sharing options...
timmah1 Posted January 2, 2009 Author Share Posted January 2, 2009 ok I have it fixed, thanks DarkWater $hint = stripslashes($a['hint']); echo "<input type='text' class='textfield' size='50' name='hint[]' value='", htmlentities($hint, ENT_QUOTES), "'> </td>"; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.