Jump to content

Why dont quotation marks work in forms? ( ' )


Area_51

Recommended Posts

I have a small query here, but if it isnt sorted then will become a big problem later on. I have a form which retrieves data from the database and displays it within textboxes, text areas etc.

 

This is information can be edited and works fine. However if a user types in a sentences with quotation marks then the query does not update the database (doesnt execute) e.g.

 

This is a test //works fine if typed in like that

 

\'This is a test\' //an error in the query

 

this info goes into the mySQL database.

 

Thanks

 

J

Link to comment
https://forums.phpfreaks.com/topic/312-why-dont-quotation-marks-work-in-forms/
Share on other sites

Yes, MySQL will literally choke on single quotes, double quotes, and backslashes. Fortunately PHP has thought ahead and has provided us with mysql_escape_string() to escape those hazardous characters altogether. Though I\'ve used addslashes() with just as much success. Keep in mind that if magic_quotes_gpc is on in php.ini then PHP will automatically escape those characters in all data from GET and POST which will cover form actions. Hope this helps.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.