[SOLVED] Inserting apostrophes into MySQL field...

[Chappers]

Hi,

 

Trying to insert a height input into a MySQL table's field:

 

<select class='normal' name='height' size='1'>
<option value='5\''>5'</option>
<option value='5\'1\"'>5'1"</option>
</select>

 

the height variable is then inserted into the database. Looking at the table afterwards with phpMyAdmin shows that it contains only: 4\

 

I'm escaping the apostrophes and speech marks for obvious reasons, but I imagine there's a proper way of doing this. Of course, selecting the height field from the database and echoing it to the page also just shows: 4\

 

Thanks for any help

[teng84]

try not to escape the ' and i think it will still work

 

works fin on me

[trq]

Dont bother escaping the data in your form fields, use mysql_real_escape_string to escape the data prior to inserting.

[Chappers]

Thanks a lot for that information. Could I just quickly pick your brains again please?

 

Can't get this if statement to work:

 

if ($current != 'employed' || 'unemployed') {
echo "Neither";
}

 

Whereas if I were to use one like this, with an equal instead of not equal, it works fine:

 

if ($current == 'employed' || 'unemployed') {
echo "Both";
}

 

What am I doing wrong?

[teng84]

if ($current != 'employed' || $current != 'unemployed') {

echo "Neither";

}

[Chappers]

Hi, I tried that also but it doesn't work for me.

 

Just discovered that the answers to my original question about the apostrophes don't work. Since the form field uses apostrophes or speech marks for the data fields, any further use of them within that field is taken as an end to the entry, ie:

 

<option value='5'1"'>5'1"</option>

 

So my 5'1" is seen just as 5

[Chappers]

Can anyone help with either of the above problems, please? No solutions so far work.

 

Thanks

[Chappers]

Worked it out at last by myself!

 

Here's how I've done it:

 

<select class='normal' name='height' size='1'>
<option value='4f'>4'</option>
<option value='4f1i'>4'1"</option>
<option value='4f2i'>4'2"</option>
</select>

$arr = array("f", "i");
$arr2 = array("\'", "\"");
$height = $_POST['height'];
$height = str_replace($arr,$arr2,$height);
$height2 = str_replace("\'","'",$height);

 

The $height variable is inserted as it is into the MySQL database. $height2 is for echoing onto the page to show it's worked alright and to show what's just been sent to the database. Because $height displays as, for example: 5\'3" (apostrophe still showing the escape symbol because the echo only cares about quotes being escaped, whereas MySQL needs apostrophes and quotes escaped.), I then have $height2 having \' replaced with just an apostrophe.

 

Result.