Jump to content

Needing MAJOR help with adding to a database..


ChambeRFienD

Recommended Posts

Well, I'm having one HECK of a time trying to get my code to work... I'm trying to make it so people can add names to a database, some which will include apostrophes and quotation marks.. I've tried using addslashes, mysql_real_escape_string, and right now my code is a mess with a mixture of both, which is coming out with bad end results.. Currently I am using mysql_real_escape_string for everything going into an SQL query. The problem is, retrieving data from the database comes out with several slashes.. I've been trying to use stripslashes to remove them with no luck.

My question is, what is the best thing to do when trying to insert and remove text into a MySQL database without getting SQL errors?

If anyone would like to see the code, feel free and ask. it's about 3041 lines, but searching for mysql_real_escape_string and stripslashes will show you all of my attempts. =P
Link to comment
Share on other sites

Okay... Using this:
[code]            $search = $_POST['search'];


            echo $search; //Comes out as test\'d when entering test'd


            echo "<h3>Searching owned alts for '$search'</h3>";

            echo "<table cellspacing='0' class='alttable' width='100%'>";

            $get_alts = mysql_query("SELECT * FROM alts_trade WHERE trade_name LIKE '%$search%' ORDER BY trade_name ASC");

            $count = mysql_num_rows($get_alts);

            echo "<font size='-2'>There are $count result(s) that match your search!</font>";

            while($row_alts = mysql_fetch_array($get_alts)) {

                $alt_id = $row_alts['trade_id'];

                $alt_name = stripslashes($row_alts['trade_name']);

                $alt_status = $row_alts['trade_level'];

                $alt_owner = $row_alts['trade_owner'];

                if($altcolor == 0) {

                    $class = 'altcolor1';

                } else if($altcolor == 1) {

                    $class = 'altcolor2';

                }

                switch($alt_status) {

                    case 4:

                        $alt_level = "Not for Trade";

                    break;

                    case 5:

                        $alt_level = "On Hold";

                    break;

                    case 6:

                        $alt_level = "Open for Trade";

                    break;

                }

                $get_owner = mysql_query("SELECT * FROM phpbb_users WHERE user_id=$alt_owner");

                $row_owner = mysql_fetch_array($get_owner);

                $owner_name = $row_owner['username'];

                echo "<tr><td class='$class'><a href='?page=alt&amp;alt=$alt_id'>$alt_name</a> - $alt_level - Owned by: <a href='profile.php?mode=viewprofile&amp;u=$alt_owner'>$owner_name</a>&nbsp - &nbsp;";

                if($user_level > 0) {

                    echo "<a href='?page=edit_alts&amp;mode=admin&amp;alt=$alt_id'>Edit Me</a> | <a href='?page=edit_alts&amp;mode=admin&amp;f=delete&amp;alt=$alt_id'>Delete Me</a>";

                }

                echo "</td></tr>";

                

                if($altcolor == 0) {

                    $altcolor++;

                } else if($altcolor == 1) {

                    $altcolor--;

                }

            }

            echo "</table>";
[/code]

In my database, I have this: test\'d

BUT, it comes up with no results.. Echoing $search comes out with test\'d.. Even before I addslashes.
Link to comment
Share on other sites

[!--quoteo(post=368709:date=Apr 25 2006, 10:47 PM:name=redarrow)--][div class=\'quotetop\']QUOTE(redarrow @ Apr 25 2006, 10:47 PM) [snapback]368709[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Show your form for inserting data
[/quote]

[code]    <form action='?page=search' method='post'>

    Search:<br />

    <input type='text' name='search' class='input_box' /> <br />

    <input name='function' value='owned' checked='checked' type='radio' /> Owned Alts<br />

    <input name='function' value='wanted' type='radio' /> Wanted Alts<br />

    <input name='function' value='users' type='radio' /> Users<br />

    <br />

    <input type='submit' value='Search' />

    </form>[/code]
Link to comment
Share on other sites

[!--quoteo(post=368716:date=Apr 25 2006, 11:14 PM:name=redarrow)--][div class=\'quotetop\']QUOTE(redarrow @ Apr 25 2006, 11:14 PM) [snapback]368716[/snapback][/div][div class=\'quotemain\'][!--quotec--]
$alt_id = $row_alts['trade_id'\];

$alt_name = stripslashes($row_alts['trade_name']);

$alt_status = $row_alts['trade_level'\];

$alt_owner = $row_alts['trade_owner'\];

what about back slash
[/quote]

Hmm? Still kinda new to PHP. =P
Link to comment
Share on other sites

[!--quoteo(post=368994:date=Apr 26 2006, 04:55 PM:name=kenrbnsn)--][div class=\'quotetop\']QUOTE(kenrbnsn @ Apr 26 2006, 04:55 PM) [snapback]368994[/snapback][/div][div class=\'quotemain\'][!--quotec--]
What do you me by

Ken
[/quote]

Well, if I try using the search function above with an apostrophe in it, slashes show up there. Slashes are showing up in results from my MySQL queries..

All I want is a good way to make it so I can have data inserted into a database that may include apostrophies, quotations, and more, and not have slashes show up when pulling them from the database..
Link to comment
Share on other sites

[!--quoteo(post=368999:date=Apr 26 2006, 05:14 PM:name=kenrbnsn)--][div class=\'quotetop\']QUOTE(kenrbnsn @ Apr 26 2006, 05:14 PM) [snapback]368999[/snapback][/div][div class=\'quotemain\'][!--quotec--]
When you insert data into the database use
[code]<?php mysql_real_escape_string(stripslashes($data)) ?>[/code]

Ken
[/quote]

Thanks much! I'll give that a shot.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.