shortysbest Posted June 25, 2010 Share Posted June 25, 2010 So when i enter like.. That's with the single quote, when i enter that in text box and submit it it has an error and doesn't submit it, however it works fine as long as i don't use quotes. So i guess the reason being that the single quote is interfering with my code so idk what i would do to fix this? The entire block of code that deals with the editing/viewing of one of the text boxes would be <?php $query = mysql_query("SELECT * FROM other"); $row = mysql_fetch_assoc($query); $about = $_POST['about']; if ($_SESSION['username']) { if (isset($_POST['save'])) { if($about) { mysql_query("UPDATE other SET about='$about'"); $date = date('Y-m-d h:m:s'); $cpage1 = "index.php?node="; $cpage2 = $_GET['node']; $cpage3 = "$cpage1$cpage2"; mysql_query("INSERT INTO notification VALUES('','About Us','$date','$cpage3')"); print "<h3>Saved Successfully!</h3>"; print "<script>"; print "self.location='index.php?node=home'"; print "</script>"; } else{ print '<style>#abusedit{display:block;}</style>'; print "<h3>You must enter information about you.</h3>"; } } $query = mysql_query("SELECT * FROM other"); $row = mysql_fetch_assoc($query); print '<h5>About Us</h5><br>'; print '<h1>'.$row['about'].'</h1>'; } else { $query = mysql_query("SELECT * FROM other"); $row = mysql_fetch_assoc($query); print '<h5>About Us</h5><br>'; print '<h1>'.$row['about'].'</h1>'; } ?> I think the only thing that needs to be modified is just this part though $about = $_POST['about']; Link to comment https://forums.phpfreaks.com/topic/205822-quotes-in-use-input-text-boxes-problem/ Share on other sites More sharing options...
kenrbnsn Posted June 25, 2010 Share Posted June 25, 2010 Please post your code. Ken Link to comment https://forums.phpfreaks.com/topic/205822-quotes-in-use-input-text-boxes-problem/#findComment-1077035 Share on other sites More sharing options...
shortysbest Posted June 25, 2010 Author Share Posted June 25, 2010 Please post your code. Ken Alright i posted my code above. Link to comment https://forums.phpfreaks.com/topic/205822-quotes-in-use-input-text-boxes-problem/#findComment-1077036 Share on other sites More sharing options...
kenrbnsn Posted June 25, 2010 Share Posted June 25, 2010 Always use the function mysql_real_escape_string on any user entered data that will be used in a query. <?php $about = mysql_real_escape_string($_POST['about']); ?> Ken Link to comment https://forums.phpfreaks.com/topic/205822-quotes-in-use-input-text-boxes-problem/#findComment-1077038 Share on other sites More sharing options...
shortysbest Posted June 25, 2010 Author Share Posted June 25, 2010 Always use the function mysql_real_escape_string on any user entered data that will be used in a query. <?php $about = mysql_real_escape_string($_POST['about']); ?> Ken Thank you very much. Yeah i am new to php in itself, I have only worked with it for about a month. if that. So many functions to memorize and figure out lol. But thanks to people like you I am learning them all Thanks again. Link to comment https://forums.phpfreaks.com/topic/205822-quotes-in-use-input-text-boxes-problem/#findComment-1077039 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.