473,320 Members | 2,189 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

How to handle apostrophs and semicolons

I've a web page with several input boxes. After the user clicks 'submit' I
insert these data into my MySQL database.
This worked for several months perfect. But today a user entered the street
name
Route d'Yverdon 59

unfortunately the data has not been inserted into my MySQL database because
of the apostroph (') in the name of the street.

I've no idea how to deal with this problem.
Is there any possibility to avoid that my PHP & Java scripts don't interpret
apostrophs (') and semicolons (")?

Stefan
Mar 11 '06 #1
3 1528
Stefan Mueller wrote:
I've a web page with several input boxes. After the user clicks 'submit' I
insert these data into my MySQL database.
This worked for several months perfect. But today a user entered the street
name
Route d'Yverdon 59

unfortunately the data has not been inserted into my MySQL database because
of the apostroph (') in the name of the street.

I've no idea how to deal with this problem.
Is there any possibility to avoid that my PHP & Java scripts don't interpret
apostrophs (') and semicolons (")?


I use PEAR DB with placeholders:

$db->query("insert into users values (?, ?);", array($name, $address));

will always quote the name and address properly. This not only helps to
put the data in the database properly, but also prevents nasty SQL
injection security attacks. JDBC also can use placeholders for SQL
statements.
Mar 11 '06 #2
Stefan Mueller wrote:
I've a web page with several input boxes. After the user clicks 'submit' I
insert these data into my MySQL database.
This worked for several months perfect. But today a user entered the street
name
Route d'Yverdon 59

unfortunately the data has not been inserted into my MySQL database because
of the apostroph (') in the name of the street.

I've no idea how to deal with this problem.
Is there any possibility to avoid that my PHP & Java scripts don't interpret
apostrophs (') and semicolons (")?

Stefan


See mysql_real_escape_string(). Exists just for this purpose.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Mar 11 '06 #3
I had the same problem with putting author names in a MySQL database
when I got the name O'Henry. I found this in Ullman's book "PHP and
MySQL": It fixed my problem right up. BTW: This is my first MySQL
project so I'm just a beginner. Take my advice with a large grain of
salt. That said, it does work.

In main code
....
$dbc = mysql_connect( ...etc...);
....
$questionable_data=$_POST['some_form_data'];
$good_data = escape_data( $questionable_data );
....

....defined elsewhere...
function escape_data ($data) {
// address Magic Quotes
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
// Check for mysql_real_escape_string() support
if (function_exists('mysql_real_escape_string')) {
global $dbc;
$data = mysql_real_escape_string(trim($data), $dbc);
} else {
$data = mysql_escape_string(trim($data));
}
return $data
} // end escape_data function

--gary shannon

Mar 12 '06 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Mage | last post by:
Hello, I amafraid of I will stop using semicolons in other languages after one or two months of python. However I see that python simply ignores the semicolons atd the end of the lines. ...
7
by: Tony Johansson | last post by:
Hello!! Assume I have a handle body pattern with classes called Handle and Body. In the Body class I store one int value for example 7 or some other integer value. In the Handle class I have...
0
by: Tony Johansson | last post by:
Hello! Here I have two classes these are called Handle and Body and a main. You have the class definition below. Some basic information. In the Handle class is there a pointer to the Body. Each...
1
by: jjbutera | last post by:
How do I escape these? The backslash doesn't seem to be working.
4
by: Prowler | last post by:
In the application we are currently building, we need to write positioning code on-the-fly, based upon the screen offset of the element in the AS/400 application which drives the Web app. The 400,...
2
by: Indiana Epilepsy and Child Neurology | last post by:
Before asking this questions I've spent literally _years_ reading (Meyer, Stroustrup, Holub), googling, asking more general design questions, and just plain thinking about it. I am truly unable to...
27
by: Jeremy Yallop | last post by:
Write a program that takes a C program in source form as input and prints the source code for a program with equivalent behaviour, but without semicolons, on standard output. Please note that...
3
by: Stefan Mueller | last post by:
I've a web page with several input boxes. After the user clicks 'submit' I insert these data into my MySQL database. This worked for several months perfect. But today a user entered the street...
2
weaknessforcats
by: weaknessforcats | last post by:
Handle Classes Handle classes, also called Envelope or Cheshire Cat classes, are part of the Bridge design pattern. The objective of the Bridge pattern is to separate the abstraction from the...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.