Jump to content

Archived

This topic is now archived and is closed to further replies.

acidglitter

working around ' s

Recommended Posts

At my site you can submit reviews.. They go through a normal html contact form into a mysql table. One of the comments had a [color=blue][b]'[/b][/color] in it. So when I tried to move the comment from one table to another table this error message showed up. I went into phpmyadmin and just took the ' out, then I went back to the page I made and it let me move the comment from the first table to the other table..

So my question is.. how can I move things without having to delete the ' ?

Share this post


Link to post
Share on other sites
Use the function [url=http://www.php.net/mysql_real_escape_string]mysql_real_escape_string()[/url] on the data when you insert it into the database.

Ken

Share this post


Link to post
Share on other sites
here is my "Make Safe" function, it makes any string secure for Database

[code]
<?php
function MakeSafe($str, $make_lower = false){
if($make_lower){
$str = strtolower($str);
}
$str = stripslashes($str);
$str = trim($str);
$str = strip_tags($str);
$str = mysql_real_escape_string($str);
return $str;
}

//This is a Safe String, which is lowercase, for usernames ect
$username = MakeSafe($_POST["username"] , 1);

//This makes strings safe, keeping the case
$name = MakeSafe($_POST["name"]);

//So to make a string lowercase
//Add a 2nd argument, with 1 or true in it
?>
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.