473,320 Members | 1,939 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

single quotes

I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?

Apr 24 '07 #1
8 1514
charlespb69 wrote:
I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?
RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".

--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/
Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
5.2.0-10 generating this signature.
Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76

Apr 24 '07 #2
Rik
Iván Sánchez Ortega wrote:
charlespb69 wrote:
>I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?

RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".
I thought always, always, always :P

(Not true though, often you can use intval()/floatval(), possibly aided
by foreign key checks.)

--
Rik Wasmus
Apr 24 '07 #3
I use variable casting instead when the input should be a number. I don't use intval() or floatval() unless I need a base change.

Also, if you are using MySQLi instead and prefer OOP-style, then your method would be

$mysqliObj->real_escape_string()
Apr 24 '07 #4
Rik wrote:
Iván Sánchez Ortega wrote:
>charlespb69 wrote:
>>I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?


RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".


I thought always, always, always :P

(Not true though, often you can use intval()/floatval(), possibly aided
by foreign key checks.)
Also, check that magic_quotes (http://php.net/magic_quotes) is
unset.

--
Bruno Barberi Gnecco <brunobg_at_users.sourceforge.net>
Imbalance of power corrupts and monopoly of power corrupts absolutely.
-- Genji
Apr 24 '07 #5
Bruno Barberi Gnecco <br***************@users.sourceforge.netwrote in
news:f0*********@news3.newsguy.com:

>I thought always, always, always :P

(Not true though, often you can use intval()/floatval(), possibly aided
by foreign key checks.)

Also, check that magic_quotes (http://php.net/magic_quotes) is
unset.
and don't do it on arrays themselves
Apr 24 '07 #6
On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
escomposlinux.-.punto.-.orgwrote:
charlespb69 wrote:
I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?

RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".

--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/
Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
5.2.0-10 generating this signature.
Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76
What does RTFM mean - Read the f__cking manual?

Apr 26 '07 #7
charlespb69 wrote:
On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
escomposlinux.-.punto.-.orgwrote:
>charlespb69 wrote:
>>I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?
RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".

--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/
Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
5.2.0-10 generating this signature.
Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76

What does RTFM mean - Read the f__cking manual?
Yes.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Apr 26 '07 #8
Rik
Jerry Stuckle wrote:
charlespb69 wrote:
>On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
escomposlinux.-.punto.-.orgwrote:
>>charlespb69 wrote:
I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?
RTFM, and use mysql_real_escape_string() when appropiate. That
means "always".

What does RTFM mean - Read the f__cking manual?

Yes.
Or, "Read The Fine Manual" for the faint of heart, just to stress the
manual is really giving a clear answer :-)

--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!
Apr 26 '07 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: sinister | last post by:
The examples in the online manual all seem to use double quotes, e.g. at http://us3.php.net/preg_replace Why? (The behavior is different with single quotes, and presumably simpler to...
11
by: Jakanapes | last post by:
Hi all, I'm looking for a way to scan a block of text and replace all the double quotes (") with single quotes ('). I'm using PHP to pull text out of a mySQL table and then feed the text into...
4
by: sankofa | last post by:
hi, i can't seem to be able to escape my single quote properly... is it even possible in javascript? this is a portion of my code.. var DLEWIS="Pastor Lewis"; .... Sermon is a yser-defined...
5
by: Joel | last post by:
Hi, I incorporated a function in my code that whenever I use a string variable in an sql statement if the string contains a single quote it will encase it in double quotes else single quotes. ...
4
by: Greg | last post by:
I keep getting an error when I have a tick mark in a text value that I am searching for in my XPath Query. Example: <Authors> <Author LastName="O'Donnel"> <Author LastName="Smith">...
3
by: Jason | last post by:
I have several tables with quite a few fields and I'm getting errors when trying to insert records with single quotes in the data like: name = John O'Henry or a city name of O'Fallen So I went...
7
by: gar | last post by:
Hi, I need to replace all the double quotes (") in a textbox with single quotes ('). I used this code text= Replace(text, """", "'" This works fine (for normal double quotes).The problem...
4
by: Justin Fancy | last post by:
Hi everyone, I need to replace all instances of a double quote(") with two single quotes('') in a text file. I already have some replacements of strings going on, but I tried this one, but the...
4
by: chopin | last post by:
I am using Visual Basic for Applications to convert a number to the same number of single quotes. For example, if the number is 6, then I need 6 single quotes in succession. The logic is easy: ...
2
by: Reporter | last post by:
I got the following example from http://www.evolt.org/article/User_Friendly_Forms_in_PHP/20/60144/index.html : echo '<tr><td>First name:</td><td><input type="text" name="first_name"...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.