Jump to content


Photo

working around ' s


  • Please log in to reply
2 replies to this topic

#1 acidglitter

acidglitter
  • Members
  • PipPipPip
  • Advanced Member
  • 355 posts

Posted 22 September 2006 - 09:35 PM

At my site you can submit reviews.. They go through a normal html contact form into a mysql table. One of the comments had a ' in it. So when I tried to move the comment from one table to another table this error message showed up. I went into phpmyadmin and just took the ' out, then I went back to the page I made and it let me move the comment from the first table to the other table..

So my question is.. how can I move things without having to delete the ' ?
my makeup site <3
http://vanillaeyeliner.com

#2 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 22 September 2006 - 09:37 PM

Use the function mysql_real_escape_string() on the data when you insert it into the database.

Ken

#3 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 22 September 2006 - 09:47 PM

here is my "Make Safe" function, it makes any string secure for Database

<?php
function MakeSafe($str, $make_lower = false){
if($make_lower){
$str = strtolower($str);
}
$str = stripslashes($str);
$str = trim($str);
$str = strip_tags($str);
$str = mysql_real_escape_string($str);
return $str;
}

//This is a Safe String, which is lowercase, for usernames ect
$username = MakeSafe($_POST["username"] , 1);

//This makes strings safe, keeping the case
$name = MakeSafe($_POST["name"]);

//So to make a string lowercase
//Add a 2nd argument, with 1 or true in it
?>

Tell me the problem, I will try tell you the solution




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users