Solar Posted July 14, 2012 Share Posted July 14, 2012 Well, I never realized this but when submitting a form, either Quotation Marks or Apostrophes works. I maybe "bad coding" it. To have Quotation Marks work <?php mysql_query("INSERT INTO wallposts (username, userfriend, date, ip, message)VALUES(\"$username\", \"$userfriend\", \"$date\", \"$ip\", \"$message\")"); ?> To have Apostrophes work <?php mysql_query("INSERT INTO wallposts (username, userfriend, date, ip, message)VALUES('$username', '$userfriend', '$date', '$ip', '$message')"); ?> I mainly need both to work for $message. Is there a simple solution? Do I need to extend a variable? Thanks! Edit: Extending my question for a better understanding. When a user uses characters like quotation marks and or apostrophes one or the other works, depending on the code provided above. How can I fix this? Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/ Share on other sites More sharing options...
Solar Posted July 14, 2012 Author Share Posted July 14, 2012 I've decided to use STRIP_TAGS method and it worked. $message = htmlentities(strip_tags($_POST['message'])); Please correct me if I am using this wrong. Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/#findComment-1361557 Share on other sites More sharing options...
Pikachu2000 Posted July 14, 2012 Share Posted July 14, 2012 mysql_real_escape_string Link to comment https://forums.phpfreaks.com/topic/265683-help-quotation-marks-apostrophes/#findComment-1361563 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.