snackiesmores Posted March 22, 2006 Share Posted March 22, 2006 Hello,I think this question has a simple answer, yet it eludes me.. First time working with PHP, so I have a bit of a learning curve. I have a basic reporting tool that uses Apache/PHP with a MySQL back end DB. The forms are fairly simple, some text boxes and such. Submitting the form works just fine unless a field has a [b]'[/b] (tick mark) in it, such as:[!--coloro:#CC0000--][span style=\"color:#CC0000\"][!--/coloro--].....The box contains a [b]'[/b]widget[b]'[/b] of sorts......[!--colorc--][/span][!--/colorc--]When a tick mark exists in the text of any field, NOTHING in the entire form gets pushed. I can only assume the problem is that when the submission query string is assembled, that the SQL processer thinks that the tick mark is actually part of the SQL statement, and not body text itself. My question is, do i need to write a routine that searches for a [b]'[/b] and replaces it with [b]\'[/b] ? or is there a PHP text pre-processer function (or something like that) that i can run chunk of text through that cleans it up? i.e., something that converts a [b]"[/b] (quotation mark) to [b]"e;[/b] in XML. Link to comment https://forums.phpfreaks.com/topic/5504-insertupdate-into-mysql-database/ Share on other sites More sharing options...
snackiesmores Posted March 22, 2006 Author Share Posted March 22, 2006 mmph.. no advice? only 2 looks other than myself :( i'm still actively searching for a solution but i dont think google likes my search phrases :P Link to comment https://forums.phpfreaks.com/topic/5504-insertupdate-into-mysql-database/#findComment-19736 Share on other sites More sharing options...
kenrbnsn Posted March 22, 2006 Share Posted March 22, 2006 When adding anything into a text (or varchar) field in MySQL you should always use either [a href=\"http://www.php.net/addslashes\" target=\"_blank\"]addslashes[/a]() or [a href=\"http://www.php.net/mysql_real_escape_string\" target=\"_blank\"]mysql_real_escape_string[/a]() on the values.I prefer mysql_real_escape_string().Ken Link to comment https://forums.phpfreaks.com/topic/5504-insertupdate-into-mysql-database/#findComment-19739 Share on other sites More sharing options...
snackiesmores Posted March 22, 2006 Author Share Posted March 22, 2006 ah thank you very much. I'll try that as soon as i get back to my dev machine :) Link to comment https://forums.phpfreaks.com/topic/5504-insertupdate-into-mysql-database/#findComment-19740 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.