portabletelly Posted May 16, 2007 Share Posted May 16, 2007 Hi, I have a php page which reads in data from a form and updates a mysql colum. Seems to work fine except if the text contains an ' letter then the mysql query spits out die('Error, this didnt work'). Im not sure if the error is because im reading in $text_area_to_update = htmlspecialchars($_POST['text_area']); the text from the form wronge or if its an issue with my $query = "UPDATE customer_site_notes SET text_area='".$text_area_to_update."' WHERE id='".$cust_id."'"; As its a text field talking about a customers site I kind of need to be able to store all these characters. `~!@#$%^&*()[];:'"<>?/.|}{|1234567890 as well as the alphabet. include("connect.php"); include("selectdb.php"); //Define variables from post $text_area_to_update = htmlspecialchars($_POST['text_area']); $cust_id = htmlspecialchars($_POST['hidden_id']); $update = htmlspecialchars($_POST['update']); //Define SQL query to make //$query = "INSERT INTO customer_site_notes (text_area, id) VALUES ('".$text_area_to_update."', '".$cust_id."')"; //mysql_query($query) or die('Error, insert query failed'); //mysql_close($link); $query = "UPDATE customer_site_notes SET text_area='".$text_area_to_update."' WHERE id='".$cust_id."'"; mysql_query($query) or die('Error, this didnt work'); mysql_close($link); Quote Link to comment https://forums.phpfreaks.com/topic/51737-error-in-query-when-updating-data-with-a-apostraphy/ Share on other sites More sharing options...
hitman6003 Posted May 16, 2007 Share Posted May 16, 2007 use mysql_real_escape_string on the variable before putting it into the query... http://www.php.net/mysql_real_escape_string Quote Link to comment https://forums.phpfreaks.com/topic/51737-error-in-query-when-updating-data-with-a-apostraphy/#findComment-254845 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.