Solar Posted July 14, 2012 Share Posted July 14, 2012 Well, I never realized this but when submitting a form, either Quotation Marks or Apostrophes works. I maybe "bad coding" it. To have Quotation Marks work <?php mysql_query("INSERT INTO wallposts (username, userfriend, date, ip, message)VALUES(\"$username\", \"$userfriend\", \"$date\", \"$ip\", \"$message\")"); ?> To have Apostrophes work <?php mysql_query("INSERT INTO wallposts (username, userfriend, date, ip, message)VALUES('$username', '$userfriend', '$date', '$ip', '$message')"); ?> I mainly need both to work for $message. Is there a simple solution? Do I need to extend a variable? Thanks! Edit: Extending my question for a better understanding. When a user uses characters like quotation marks and or apostrophes one or the other works, depending on the code provided above. How can I fix this? Quote Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/ Share on other sites More sharing options...
Solar Posted July 14, 2012 Author Share Posted July 14, 2012 I've decided to use STRIP_TAGS method and it worked. $message = htmlentities(strip_tags($_POST['message'])); Please correct me if I am using this wrong. Quote Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/#findComment-1361557 Share on other sites More sharing options...
Pikachu2000 Posted July 14, 2012 Share Posted July 14, 2012 mysql_real_escape_string Quote Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/#findComment-1361563 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.