Jim R Posted April 5, 2020 Share Posted April 5, 2020 I have a paragraph in a text in my data table column with apostrophes and heights, like, "He'll likely grow beyond 6'6"." I've tried addslashes($update), but it's not working. (At another time I thought I had something like that.) Is there something that will take care of it short of typing \ before every instance I use quotes, the using stripslash? Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/ Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 (edited) You could use str_replace I suppose. Test it out. That's what I would have done before writing here. And what is wrong with addslashes? What is it NOT doing? Edited April 5, 2020 by ginerjm Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576376 Share on other sites More sharing options...
Jim R Posted April 5, 2020 Author Share Posted April 5, 2020 (edited) What am I replacing though? I searched a good amount on this topic, as addslash wasn't working. Adding \ to the text then stripping it looks to be a work around. I just thought there was a better way without forcing those doing the inputting to the table to add them. It's not very native. str_replace("'","'",$update) - didn't work. Neither did... str_replace("'","\'",$update) Edited April 5, 2020 by Jim R Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576377 Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 What didn't addslashes do? Please elaborate since "wasn't working" doesn't say shit. And as for using str_replace - is that your EXACT code? Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576378 Share on other sites More sharing options...
Jim R Posted April 5, 2020 Author Share Posted April 5, 2020 The addslashes didn't escape the single quotation marks in text (the subject of the topic). The exact code is echo str_replace("'","\'",$update); Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576379 Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 If you read the manual you'll see that you need to supply a result argument for the changed string. Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576380 Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 PS - using addslashes is hard to verify since they don't show up visually. If you are doing this to add to a db go ahead and do it and then see if the data is completely returned in a query result. Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576381 Share on other sites More sharing options...
Jim R Posted April 5, 2020 Author Share Posted April 5, 2020 Turns out part of the problem using an iPad to enter that specific data to the table. Not sure why there is a difference in using ' and " on an iPad vs. a Mac, but there is. So I changed out all the single and double quotes (very early in this process, so it's not too big of an issue at the moment), then added this line... $update = mysqli_real_escape_string($con,$row['review']); Then stripslash($update) when I needed output. Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576382 Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 Probably a different character set. YOu may need to do a type conversion for all the input from the ipad if it doesn't match your db set. Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576383 Share on other sites More sharing options...
Jim R Posted April 5, 2020 Author Share Posted April 5, 2020 Yeah, I forgot it does that because when I use Textastic for code, it has separate keys for quotes and double quotes. I'll likely be the only one using an iPad to input data in my group, so that should be easy enough going forward. Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576384 Share on other sites More sharing options...
ginerjm Posted April 5, 2020 Share Posted April 5, 2020 CAn you alter the char set on an ipad? Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576385 Share on other sites More sharing options...
Barand Posted April 5, 2020 Share Posted April 5, 2020 (edited) PMFJI, but I ran a simple test Text entered in form Text then stored in db table, retrieved then echoed to page No escaping, adding or stripping slashes required. Just use a prepared statement. EG <?php include 'db_inc.php'; $db = pdoConnect('timeclock'); $db->exec("DROP TABLE IF EXISTS test_jimr"); $db->exec("CREATE TABLE IF NOT EXISTS test_jimr ( quotation varchar(50) )"); $txt = ''; if ($_SERVER['REQUEST_METHOD']=='POST') { $res = $db->prepare("INSERT INTO test_jimr VALUES (?)"); $res->execute( [ $_POST['quote'] ] ); // retrieve it and display it $res = $db->query("SELECT quotation FROM test_jimr LIMIT 1 "); $txt = "<p>" . $res->fetchColumn() . "</p>\n"; } ?> <!DOCTYE html> <html> <head> <meta http-equiv="content-language" content="en"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Example</title> </head> <body> <h1>Example</h1> <form method="post"> Text: <input type="text" name="quote" size="40" value=""> <input type="submit" name="btnSum" value="Submit"> </form> <br> <hr> <br> <?=$txt?> </body> </html> Edited April 5, 2020 by Barand Quote Link to comment https://forums.phpfreaks.com/topic/310469-escaping-single-quotes-in-text/#findComment-1576386 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.