.Darkman Posted April 9, 2007 Share Posted April 9, 2007 Hello, I am making a small PHP Application. I use a form to submit information to the Database. When i use a single quote (') in the textarea, it gives me an error. My code is : - if (empty($_POST['name'])) { echo '<p><font color="red">You need to enter a Game Title.</font></p>'; $name = ''; } else { $name = $_POST['name']; $name = strip_tags($name, ""); } $platform = $_POST['platform']; if (empty($_POST['cheat'])) { echo '<p><font color="red">You need to enter a Description.</font></p>'; $cheat = ''; } else { $cheat = $_POST['cheat']; $cheat = strip_tags($cheat, "<b><i><s><u><br><a><img>"); } if ($name && $platform && $cheat) { $query = "INSERT INTO cheats (name, platform, cheat, date) VALUES ('$name', '$platform', '$cheat', NOW())"; $result = @mysql_query($query); if ($result) { echo '<p><font color="red">Cheat was added!</font></p>'; } else { echo '<font color="red"><p>Cheat could not be added! Please try again.</p></font>'; } } In the textarea(cheat field) for eg, if i input the following text : Hello everybody, this is the text i entered. This is Darkman's text I get the error : Cheat could not be added! Please try again. But if i enter the following : Hello everybody, this is the text i entered. This is Darkmans text I don't get any error. Whats the problem ? Please help me out. Thanks, Quote Link to comment Share on other sites More sharing options...
esukf Posted April 9, 2007 Share Posted April 9, 2007 Try <?php $query = sprintf("INSERT INTO cheats (name, platform, cheat, date) VALUES ('%s', '%s', '%s', NOW())", mysql_real_escape_string($name), mysql_real_escape_string($platform), mysql_real_escape_string($cheat) ); ?> Quote Link to comment Share on other sites More sharing options...
.Darkman Posted April 10, 2007 Author Share Posted April 10, 2007 Wow ! Thanks a lot. worked like a charm. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.