portabletelly Posted May 16, 2007 Share Posted May 16, 2007 Hi, I have a php page which reads in data from a form and updates a mysql colum. Seems to work fine except if the text contains an ' letter then the mysql query spits out die('Error, this didnt work'). Im not sure if the error is because im reading in $text_area_to_update = htmlspecialchars($_POST['text_area']); the text from the form wronge or if its an issue with my $query = "UPDATE customer_site_notes SET text_area='".$text_area_to_update."' WHERE id='".$cust_id."'"; As its a text field talking about a customers site I kind of need to be able to store all these characters. `~!@#$%^&*()[];:'"<>?/.|}{|1234567890 as well as the alphabet. include("connect.php"); include("selectdb.php"); //Define variables from post $text_area_to_update = htmlspecialchars($_POST['text_area']); $cust_id = htmlspecialchars($_POST['hidden_id']); $update = htmlspecialchars($_POST['update']); //Define SQL query to make //$query = "INSERT INTO customer_site_notes (text_area, id) VALUES ('".$text_area_to_update."', '".$cust_id."')"; //mysql_query($query) or die('Error, insert query failed'); //mysql_close($link); $query = "UPDATE customer_site_notes SET text_area='".$text_area_to_update."' WHERE id='".$cust_id."'"; mysql_query($query) or die('Error, this didnt work'); mysql_close($link); Link to comment https://forums.phpfreaks.com/topic/51737-error-in-query-when-updating-data-with-a-apostraphy/ Share on other sites More sharing options...
hitman6003 Posted May 16, 2007 Share Posted May 16, 2007 use mysql_real_escape_string on the variable before putting it into the query... http://www.php.net/mysql_real_escape_string Link to comment https://forums.phpfreaks.com/topic/51737-error-in-query-when-updating-data-with-a-apostraphy/#findComment-254845 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.