Jump to content


Photo

how to store " " ' ' characters in a field?


  • Please log in to reply
8 replies to this topic

#1 flyclassic

flyclassic
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 08 July 2006 - 05:53 AM

Hi, anyone how to store these characters(", ') in a mysql field??

because in the " " is very sensitive, how do we store into mysql field? do we have to replace the " with something else first and when called back, we replace back again? any examples on the functions?




#2 TEENFRONT

TEENFRONT
  • Members
  • PipPipPip
  • Advanced Member
  • 338 posts

Posted 08 July 2006 - 09:10 AM

$var = "This is "quoted" text";

addslashes($var);

then do an insert query and it should put -  this is \"quoted\" text  into the db for you
Teenfront.co.uk : Free Teen Chat -  FunkySmileys.co.uk : MSN Smileys -  ArcadeMonkey.co.uk : Free Flash Games
8Baller.co.uk : Free Multiplayer Pool [url=http://8Baller.co.uk]

#3 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 08 July 2006 - 04:17 PM

Won't that variable declaration throw a parsing error in PHP?  Regardless, addslashes() to escape these special characters in what you need.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#4 Kurt

Kurt
  • Members
  • PipPipPip
  • Advanced Member
  • 42 posts
  • LocationNew York

Posted 08 July 2006 - 04:20 PM

Won't that variable declaration throw a parsing error in PHP?  Regardless, addslashes() to escape these special characters in what you need.

Yea, probably. So you could just do:

$var = addslashes("This is "quoted" text");

#5 flyclassic

flyclassic
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 09 July 2006 - 06:56 AM

pretty cool, i should try later, that means i can insert html tags and using addslashes identify the "?

#6 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 09 July 2006 - 03:13 PM

You could also use mysql_real_escape_string.

#7 Chips

Chips
  • Members
  • PipPipPip
  • Advanced Member
  • 68 posts

Posted 10 July 2006 - 10:15 AM

You could also use mysql_real_escape_string.

But how do you actually "strip" (or essentially reverse) what this function does, or does the replacement of the extra characters only occur in mysql, and when the value stored in the database is returned, these are returned as normal - allowing you to just use stripslashes?

Furthermore I note some saying check whether your gpc_quotes or whatever is on (the thing that automatically addslashes to your POST/GEt/COOKIES before running an addslashes - to ensure you don't escape things twice - but when you run stripslashes it appears to remove ALL "\" characters, and not just doubled up ones. Presents a problem of also how to preserve a "\" character in the event that it is supposed to be in there too!

Any help with my understanding here would be greatly appreciated, as I am suddenly having to swap a DB from mssql to mysql, and am trying to ensure that I won't stuff it up too badly :P in MSSQL you just did a str_replace("'", "''", $var) - and when it was returned, well - it automatically "lost" the extra ' that was inserted, meaning no formatting required :P

#8 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 10 July 2006 - 04:50 PM

The escaping is only for MySQL internal storage, so these extra slashes will never appear in the output; but you're right that if you have magic_quotes on you have to "check" to make sure you're not doubling things up.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#9 Chips

Chips
  • Members
  • PipPipPip
  • Advanced Member
  • 68 posts

Posted 11 July 2006 - 08:29 AM

Thanks for the reply :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users