Area_51 Posted April 6, 2003 Share Posted April 6, 2003 I have a small query here, but if it isnt sorted then will become a big problem later on. I have a form which retrieves data from the database and displays it within textboxes, text areas etc. This is information can be edited and works fine. However if a user types in a sentences with quotation marks then the query does not update the database (doesnt execute) e.g. This is a test //works fine if typed in like that \'This is a test\' //an error in the query this info goes into the mySQL database. Thanks J Quote Link to comment Share on other sites More sharing options...
Kriek Posted April 6, 2003 Share Posted April 6, 2003 Yes, MySQL will literally choke on single quotes, double quotes, and backslashes. Fortunately PHP has thought ahead and has provided us with mysql_escape_string() to escape those hazardous characters altogether. Though I\'ve used addslashes() with just as much success. Keep in mind that if magic_quotes_gpc is on in php.ini then PHP will automatically escape those characters in all data from GET and POST which will cover form actions. Hope this helps. Quote Link to comment Share on other sites More sharing options...
Area_51 Posted April 7, 2003 Author Share Posted April 7, 2003 hey thanks alot Kriek! i think you\'ve solved my problem here. Its my fault, as i am too lazy too read the manuals, Thanks again, J Quote Link to comment Share on other sites More sharing options...
Kriek Posted April 7, 2003 Share Posted April 7, 2003 No problem, let me know if you still have trouble. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.