Hi,
I am creating a tool with PHP as front end and SQL Server as back end. I have some values to be inserted into the DB which contains the character ( ' ) i.e single quote.
I had errors when i tried to insert such values into the DB. So I used the replace() fn to replace a single single quote ( ' ) by two single quotes ( '' ). I was successful in it also. Values got inserted successfully.
But the problem now arises while trying to retrieve the values from the DB. A normal select query didn't work out. For example: -
$query="select name from Table1";
-
$result=mssql_query($query);
-
$row=mssql_fetch_row($result);
-
$name=$row[0];
-
Consider the value of name here to be abc'def.
Please help me out with this.
Thanks in advance.
14  2296 
it is never a good idea to name DB fields with reserved characters…
try enclosing the name in backticks (`, `).
Actually the field is a comments field where the user will give his input. It can also contain the single quote( ' ) which is the apostrophe character.
So you mean to say I should use back slash.. Ok...I will try out..
hi,
Can you post any samples which use that back slashes for my reference?
Thanks in advance.
looks like the content was not properly escaped when inserting the value. go safe and use prepared statements.
in SQL special characters are escaped using the backslash.
What do you mean by a back tick? Can you please explain me.?
Thanks in advance.
some mis-reading of mine, you can use backticks to "escape" the field names. - SELECT `field name` FROM table
see answer above.
Hi,
I tried using " " for the fields. If you execute the following in SQL Query analyzer it works!!! -
select "competitor_name" from Competitor
-
But in PHP you are going to include the above query as a string. So here the problem arises. -
$query="select "competitor_name" from Competitor";
-
In the above code, the double quotes get mixed up resulting in errors.
Please help me out.
Thanks in advance.
as already stated field name may only be quoted by backticks (the double quotes terminate your sql string giving you an 'unexpected string' PHP error)
You need to escape single quotes, double quotes, new line characters, etc.
Check out what mysql_real_escape_string() does, and implement a version of your own for mssql.
Hi,
I am not able to understand the backtick character.. Can you please explain me the same.?
Thanks in advance.
@Dormilich
Just showing some different options, dormilich. Words like 'Prepared Statements' can seem intimidating to newbies.
I want to point out a (common) problem, you might sooner or later (hopefully never) be confronted with: SQL Injection (an attack technique to take over/exploit your database).
Once you're getting comfortable with using your database, I recommend reading more of that topic ( some links from google) and how to work against it ( again google). (…or just ask the experts at Bytes)
regards
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Alban Hertroys |
last post by:
Hello,
I'm using psycopg to insert records in a number of threads. After the
threads finish, another thread runs to collect the inserted data. Now,
my problem is that psycopg let's my threads...
|
by: DarthMacgyver |
last post by:
Hello,
I recently wrote a survey application. Each question is very similar.
The first questions gives me a problem when there are multiple people
taking the survey (The Database connection...
|
by: Dave |
last post by:
I'm crossposting this to both comp.lang.c++ and gnu.gcc because I'm not
sure if this is correct behavior or not, and I'm using the gcc STL and
compiler.
When calling vector<int>::push_back(0),...
|
by: Krishna |
last post by:
Hi, I have developed a for dataentry by using datagird in C# windows
application, I am using combocolumns, textbox columns for the same,
two readonly textboxcolumns for those readonly columns i...
|
by: Light |
last post by:
Hi all,
I posted this question in the sqlserver.newusers group but I am not getting
any response there so I am going to try it on the fine folks here:).
I inherited some legacy ASP codes in my...
|
by: veerapureddy |
last post by:
Hai everybody,
i like to insert some records into database from html form by entering data.my problem is how can i check , whether a record is available in database about a particular...
|
by: Surya |
last post by:
Dear All,
I have problem on inserting a record to database..Although it looked
easy.. i have caught up with following issue .. please go ahead and
help me to find solution
I Need to insert...
|
by: boss1 |
last post by:
Hi all,
i m having a problem with inserting data in oracle db.
When i use form action =(call self page) then data is inserting properly.But problem with when using form...
|
by: AlexanderDeLarge |
last post by:
Hi!
I got a problem that's driving me crazy and I'm desperately in need of help.
I'll explain my scenario:
I'm doing a database driven site for a band, I got these tables for their discography...
|
by: rejath |
last post by:
i wrote a php page to insert data into mysql database....first it seemed ok and was inserting currectly ..after inserting abt 10 to 12 rows inside the table in my database...it stopped inserting...(i...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
