web_master Posted March 1, 2012 Share Posted March 1, 2012 Hi, I have a strange problem. 1. When I want to put a text with some quotation marks in database, I have an error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ... 2. When I use a mysql_real_escape_string() the string (text) goes into database (I see it in phpmyadmin) as quot;TXTquot; - but I can't reload it back. 3. When I put into database like this: quot;TXTquot; - than in phpmyadmin looks like this "TXT" - and I can reload it in format "TXT" I don't understand what is the problem, why can I put a text simple in format "TXT". In database I use utf-8bin collation. thnx. T Quote Link to comment Share on other sites More sharing options...
sunfighter Posted March 2, 2012 Share Posted March 2, 2012 Have you tried addslashes ( $str ) and stripslashes ( $str )? Quote Link to comment Share on other sites More sharing options...
requinix Posted March 2, 2012 Share Posted March 2, 2012 mysql_real_escape_string() is the only thing you need to use when putting something into the database (except stripslashes() beforehand if and only if magic_quotes is enabled). When data comes out you do not need to do anything. When displaying it you do need to use a function like htmlentities(). I suspect your code uses htmlentities(), htmlspecialchars(), and/or html_entity_decode() in places where it should not... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.