jpratt Posted August 24, 2007 Share Posted August 24, 2007 I have quite a few field where the user may type in a' or a ". how do I format the string so it inputs it into the database appropriately? Thanks. Quote Link to comment Share on other sites More sharing options...
teng84 Posted August 24, 2007 Share Posted August 24, 2007 <?php $str = "Is your name O'reilly?"; // Outputs: Is your name O\'reilly? echo addslashes($str); ?> also try http://www.php.net/manual/en/function.mysql-real-escape-string.php Quote Link to comment Share on other sites More sharing options...
pocobueno1388 Posted August 24, 2007 Share Posted August 24, 2007 Definitely go with the mysql_real_escape_string() function, that is what is was made to do. Quote Link to comment Share on other sites More sharing options...
jpratt Posted August 24, 2007 Author Share Posted August 24, 2007 $comment = $_POST['comment']; $sql = "INSERT INTO medjournal (comment) VALUES ('$comment')"; Here is a sample. I cannot use mysql_real_escape_string as i am using a sqlite db using pdo. Can anyone give me an example using this bit of code? Thanks. Quote Link to comment Share on other sites More sharing options...
teng84 Posted August 24, 2007 Share Posted August 24, 2007 $comment = addslashes($_POST['comment']); $sql = "INSERT INTO medjournal (comment) VALUES ('$comment')"; Quote Link to comment Share on other sites More sharing options...
jpratt Posted August 24, 2007 Author Share Posted August 24, 2007 I tried addslashes, but it still gives an error when using ' but works fine inserting " Quote Link to comment Share on other sites More sharing options...
teng84 Posted August 24, 2007 Share Posted August 24, 2007 what ? is this solved already? Quote Link to comment Share on other sites More sharing options...
jpratt Posted August 24, 2007 Author Share Posted August 24, 2007 no, im still getting an error when a ' is entered. I tried using addslashes but still get the error. addslashes worked for " but not ' Quote Link to comment Share on other sites More sharing options...
teng84 Posted August 24, 2007 Share Posted August 24, 2007 http://www.php.net/manual/en/function.htmlspecialchars.php try Quote Link to comment Share on other sites More sharing options...
jpratt Posted August 24, 2007 Author Share Posted August 24, 2007 Thanks, that did it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.