Why dont quotation marks work in forms? ( ' )

[Area_51]

I have a small query here, but if it isnt sorted then will become a big problem later on. I have a form which retrieves data from the database and displays it within textboxes, text areas etc.

 

This is information can be edited and works fine. However if a user types in a sentences with quotation marks then the query does not update the database (doesnt execute) e.g.

 

This is a test //works fine if typed in like that

 

\'This is a test\' //an error in the query

 

this info goes into the mySQL database.

 

Thanks

 

J

[Kriek]

Yes, MySQL will literally choke on single quotes, double quotes, and backslashes. Fortunately PHP has thought ahead and has provided us with mysql_escape_string() to escape those hazardous characters altogether. Though I\'ve used addslashes() with just as much success. Keep in mind that if magic_quotes_gpc is on in php.ini then PHP will automatically escape those characters in all data from GET and POST which will cover form actions. Hope this helps.

[Area_51]

hey thanks alot Kriek! i think you\'ve solved my problem here. Its my fault, as i am too lazy too read the manuals,

 

Thanks again,

 

J

[Kriek]

No problem, let me know if you still have trouble.