mjurmann Posted November 22, 2006 Share Posted November 22, 2006 Hello there! I am trying to convert text input by a user including line breaks and ' ' to html markup so that when it is inserted in the database, the ' and line breaks are converted into code so that when the information put in the database is echoed out, it does not stop echoing right before the ' and ignore the line breaks!Help anyone? Quote Link to comment Share on other sites More sharing options...
Vikas Jayna Posted November 22, 2006 Share Posted November 22, 2006 use the [b]htmlentities()[/b] functionhttp://in.php.net/manual/en/function.htmlentities.php Quote Link to comment Share on other sites More sharing options...
joshi_v Posted November 22, 2006 Share Posted November 22, 2006 I think addslashes() will works for you!before passing the value to database send it as 'addslashes(value)' .while displaying again to form use 'stripslashes(value)'so that it will escape all the ' with backslash. Quote Link to comment Share on other sites More sharing options...
mjurmann Posted November 22, 2006 Author Share Posted November 22, 2006 Ok, so where do I put the addslashes at? GetSQLValueString($_POST['form_description'], "text"), Here? Quote Link to comment Share on other sites More sharing options...
joshi_v Posted November 22, 2006 Share Posted November 22, 2006 GetSQLValueString??What it is this? sorry i didn't understand you.but i can say you can use it directly in insert query too.see this example.$sql="insert into table_name (id,name) values ('$id','".addslashes($_POST['name']."')";Let us know if you still had a problem with it please post your piece of code here . :)Joshi. Quote Link to comment Share on other sites More sharing options...
mjurmann Posted November 22, 2006 Author Share Posted November 22, 2006 if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "addlisting")) { $insertSQL = sprintf("INSERT INTO uploaded (type, name, URL, description, address, phone_number, email, imageURL) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['form_menu'], "text"), GetSQLValueString($_POST['form_name'], "text"), GetSQLValueString($_POST['form_url'], "text"), GetSQLValueString($_POST['form_description'], "text"), GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['phone'], "text"), GetSQLValueString($_POST['email'], "text"), GetSQLValueString($_POST['uploaded'], "text"));I want DESCRIPTION to be the field that has the slashes applied to it. How do I write that? Quote Link to comment Share on other sites More sharing options...
joshi_v Posted November 22, 2006 Share Posted November 22, 2006 I think you are using dreamweaver generated code for form insertion.anyway..if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "addlisting")) { $insertSQL = sprintf("INSERT INTO uploaded (type, name, URL, description, address, phone_number, email, imageURL) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['form_menu'], "text"), GetSQLValueString($_POST['form_name'], "text"), GetSQLValueString($_POST['form_url'], "text"), GetSQLValueString($_POST['form_description'], "text"), GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['phone'], "text"), GetSQLValueString($_POST['email'], "text"), GetSQLValueString($_POST['uploaded'], "text"));Replace it with this[code]<?phpif ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "addlisting")) { $insertSQL = sprintf("INSERT INTO uploaded (type, name, URL, description, address, phone_number, email, imageURL) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)", "GetSQLValueString($_POST['form_menu'], "text")", GetSQLValueString($_POST['form_name'], "text"), GetSQLValueString($_POST['form_url'], "text"), ".addslashes(GetSQLValueString($_POST['form_description'], "text")).", GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['phone'], "text"), GetSQLValueString($_POST['email'], "text"), GetSQLValueString($_POST['uploaded'], "text"));?>[/code]Try it. Quote Link to comment Share on other sites More sharing options...
mjurmann Posted November 22, 2006 Author Share Posted November 22, 2006 Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/dogbosto/www/www/htms/addlisting_uploaded.php on line 59 Getting that error Quote Link to comment Share on other sites More sharing options...
joshi_v Posted November 22, 2006 Share Posted November 22, 2006 Oh Sorry![code]<?phpif ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "addlisting")) { $insertSQL = sprintf("INSERT INTO uploaded (type, name, URL, description, address, phone_number, email, imageURL) VALUES ('$_POST[form_menu]','$_POST[form_name]','$_POST[form_url]', '".addslashes($_POST[form_description])."', '$_POST[address]','$_POST[phone]','$_POST[email]','$_POST[uploaded]'));?>[/code]Try this now! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.