|
PHP - Problem Inputting Data That Has A Single Quote
Hi, I'm trying to type in a name of a song into an input field, for example:
I'll Be Missing you This field is captured through $_POST and set to a variable $title I then update the table with this new title. Once it is updated, all that is shown in the data is: I The single quote, and anything after it is gone completely. Here is my query. How can I change this so it includes the single quote and everything after it? $sql = "UPDATE sheets SET artist = '$artist', title = '$title', active = '$activestatus' WHERE id = $value"; $result = mysql_query($sql) or die(mysql_error().'<br>'.$sql); If more code is required to understand what I'm talking about, let me know. Similar TutorialsI'm so sorry for this question but I not really know how to play with single and double quote. If I have a query like this: Code: [Select] mysql_query('UPDATE table SET Status=1,Sending=Done WHERE ID IN ('.implode(',', $done).')'); And I wish to add Code: [Select] SentAt='$date' in the query as well , and I try this: Code: [Select] mysql_query('UPDATE table SET Status=1,Sending=Done,SentAt='$date' WHERE ID IN ('.implode(',', $done).')'); Not working...how should I write it? Thank you. Hi, I'm trying to delete a string that's single quoted. From: Cyto's to Cyto, but doesn't work. It works when I add 's to the string with stripslashes, but I can't seem to delete a quote from a string. Does someone know how? My $_post code: Code: [Select] $name=mysql_real_escape_string(stripslashes($_POST["ename"])); Cheers I am making a simple script for my friend that uses mod_rewrite, but for testing I don't use the mod_rewrite link. The page is video.php The extension is ?title= I have having a problem when I type the title with a Single Quote in it('). Example. video.php?title=The-Sorcerer's-Apprentice I have str_replace for the dash(-) to be replaced as a space, so that's not the problem. Here's my code. <?php if($_GET) { $title="{$_GET['title']}"; $title = str_replace('_', ' ', $title); $title = str_replace('-', ' ', $title); if ($list = mysql_query("SELECT * FROM videos WHERE title='". mysql_real_escape_string($title) ."'") or die (mysql_error())); { if(mysql_num_rows($list) > 0){ if (mysql_num_rows($list)) { while($videos=mysql_fetch_array($list)) { ?> <div id="content"> <center><h3><?php echo $videos['title']; ?></h3> <object width="640" height="385"><param name="movie" value="<?php echo $videos['youtubelink']; ?>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="<?php echo $videos['youtubelink']; ?>" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object> <br/><br/><a onclick="javascript:history.go(-1)" href="#">Go Back</a> </center> </div> <?php } } } ?> I am trying to do the seemingly simple thing - replace all single quotes in text str_replace ("'", "´", $text); It does not replace anything. I trying escaping single quote, using other similar functions - nope. Also tried to google What I an doing wrong? Any help would ne much appreciated. This will have been posted before, but I can't find a solution that works. Most people say to try mysql_real_escape_string, I have tried lots of variations and it doesn't seem to work. Could anyone help with the below code? It is part of a form that returns a syntax error when adding a single quotation mark e.g. entering "Bryan's" into the form causes the error. I'd be really grateful for any assistance. Steven P.S. Before anyone mentions it, the mysql connect does work - I just haven't included the full page of code. Code: [Select] mysql_connect($dbserver, $dbusername, $dbpassword); mysql_select_db($dbname); $sitetitle = htmlentities($_POST[sitetitle]); $query = mysql_query("UPDATE site_settings SET sitetitle = '$sitetitle'"); echo("<b>Settings Updated!</b>"); I have a form that people can fill out, and then it echos the string, however right now they can't use single quotes. Below is how I have it settup. Code: [Select] $side = '<p>About Me:</p> <ul> <li>Birth Date: October, 23rd, 2010</li> <li>Hometown: Rapid City, SD</li> <li>Height: 4\'</li> <li>Weight: 50lbs</li> <li>Foot Size: 4</li> <li>Favorite Movie: All of the Shrek Movies!</li> <li>Favorite Book: Winnie the Pooh Series</li> <li>Favorite Cartoon Character: Eeyore or Donkey from Shrek!</li> <li>Favorite TV Show: Anything on Animal Planet!</li> <li>Favorite Food: Hay</li> <li>Favorite Pro Sports Team: Rapid City Rush</li> <li>Favorite Mascot: Nugget, of course!</li> <li>Favorite Game: Donkey Kong!<br /> </li> </ul>'; if ($side != NULL){ echo "<div class=\"grid_6\" id=\"tertiary\"> $side </div>"; }else{ } And I would be able to use $side = "whatever I want to write"; because then they would still need to escape the double quotes with \" if they wanted to put in a link or anything. How do I do this with allowing them to just use single quotes when they enter their data so they don't have to \' (escape the single quote)? Thanks Hi, I am able to parse php variable in double quote but not in single quote. How can I parse in single quote. Following example shows 2 results and I want same result in both. First Name : Zohaib First Name : $firstname Code: [Select] // Connecting, selecting database $link = mysql_connect('localhost', 'root', 'password'); mysql_select_db('dbname'); // Performing SQL query $query = 'SELECT first_name FROM tablename'; $result = mysql_query($query); // Printing results in HTML while ($row = mysql_fetch_assoc($result)) { $firstname=$row['first_name']; } echo"<table> <tr> <td>First Name : </td> <td>$firstname</td> </tr></table>"; echo'<table> <tr> <td>First Name : </td> <td>$firstname</td> </tr></table>'; What are the changes I need to do to achieve same result. Any solution ? - Thanks. Let me preface this by saying that I've been using php for a while, but never got extremely advanced, so feel free to slap me about for something stupid... I'm working through a jQuery & PHP book, and I've noticed that he's wrapping all his column and table names in the apostrophe ` when making MySQL queries . In the past I've never done this. What does the ` do? I understand about single quotes and double quotes, but haven't come across the ` being used. What's the deal? Is there a difference between a single quote regex and and double quote regex ?
for example :
<?php
$res1 = preg_match('/shi*t/', $comment);
$res2 = preg_match("/shi*t/", $comment);
?>
Thank you
Edited by Dareros, 17 September 2014 - 07:07 PM. Hi I have a simple form and when the user submits, php is putting a \ before every single quote entered in the field. So for example, if a user enters O'Neill, once i do $lastName = $_POST["lastname"]; $lastName comes back as: O\'Neill is there some way I can turn this off? When I add a ' or " quotes in a textarea I get a sql error when it tries to insert the record.
I was told to use mysqli_real_escape_string but that didn't work.
Here's my code -
$blog= mysqli_real_escape_string($con, $_POST['blog']);
$blog= $_POST['message'];
$sql = "SELECT * FROM table WHERE `message` = '{$message}'";
$result = mysql_query($sql);
if ( mysql_num_rows ( $result ) > 0 )
{
$error = "Message Exists.";
}
else
{
$error = "This message does not exist. Insert it!!!";
$sql="INSERT INTO table (message) VALUES ('$_POST[message])";
}
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
mysqli_close($con)
Edited by barkly, 26 October 2014 - 09:31 PM. This is the second script I’ve installed on the same site and admin has been able to delete from the database, but somehow still can’t insert into database? My config is set right, but can’t understand why two different scripts are having the same issue? Hi.
I have a product database w/ tables each for product series, model, sub-model and optionals. One item in each of these makes up one product. So Series K, Model 7, sub-model 2, optional 3 will be a product called K 7/2-3 .The permutations and combinations of these are all possible products.
In the same db, I have a quotations table. Each quotation has a unique id / record. A quotation can include any number of products : it can have K 7/2-3, KA 561/1-2 , FPN 311/2-1 or it can only have KA 561/1-2 etc.
Now I am stuck. Don't know how to
a. structure the quotations table
b. create a MySQL select so that one statement can make multiple selections . I thought of using a checkbox but that doesn't work either since the series/model/sub model/optionals must chosen sequentially.
Any ideas I can follow thru ?
Many thanks
Swati
I have a table for collecting airline satisfaction survey results(see attached image). I run a query to select the staff field there are 25 rows in this column I run a switch case block to filter out a result set that includes the responses 'poor', 'fair', 'good', and 'excellent' the result set should contain 20 elements Code: [Select] function score_staff() { $staff_count = 0; $result_set_cnt = 0; $query = "SELECT staff FROM flight_survey"; $result = mysql_query($query); while ($get_info = mysql_fetch_row($result)){ foreach ($get_info as $field){ switch($field) { case "poor": $staff_count++; $result_set_cnt++; $exit; case "fair": $staff_count+=2; $result_set_cnt++; $exit; case "good": $staff_count+=3; $result_set_cnt++; $exit; case "excellent": $staff_count+=4; $result_set_cnt++; $exit; drfault: // do nothing } } } echo $staff_count."<br>"; echo $result_set_cnt."<br>"; } For each match I add 1 to the result set so with 20 matches $result_set_cnt should be 20 and not 53 as shown at the bottom of the attached image. The array $get_info bewilders me and I can't seem to access it's elements without putting it in a while loop. Anyway I'm pretty new to php and have a lot to learn. If anyone can explain how I could change the code so that the result set would contain 20 I think I'll be alright. thanks I have stored supplier information in a table and same form user will select multiple products for that supplier and that will be stored in a seperate table against that supplier id. Now when i would like to display all supplier information with muliple products in a single line. Now all the information will be displayed as many time as the products are. How to display all the products in a same line.
Now my display is like this
if(isset($_POST['submit']) && ($_POST['vendor']!='') && ($_POST['item']!=''))
{
$sql="SELECT supplier.id AS sid, supplier.name AS SNAME, supplier.category, supplier.website, supplier.email, supplier.phone, supplier.vat, supplier.pan, supplier_location.id, supplier_location.supplier_id, supplier_location.location, supplier_products.id, supplier_products.supplier_id, supplier_products.product_id, location.loc_id, location.name AS locname, products.product_id, products.name AS pname FROM supplier INNER JOIN supplier_location ON supplier.id = supplier_location.supplier_id INNER JOIN supplier_products ON supplier.id=supplier_products.supplier_id INNER JOIN location ON supplier_location.location = location.loc_id INNER JOIN products ON supplier_products.product_id=products.product_id WHERE supplier.id=".$sup." AND supplier_products.product_id=".$product;
$sql1 = mysql_query($sql) or die(mysql_error());
<table>
<thead><tr>
<th>Vendor ID</th>
<th>Vendor</th>
<th>Category</th>
<th>Website</th>
<th>Email</th>
<th>Phone</th>
<th>Products</th>
<th>Locations</th>
<th>VAT</th>
<th>PAN</th>
</tr>
</thead>
<tbody>
<tr>
<?php
while($row = mysql_fetch_array($sql1))
{
?>
<td><?php echo $row['sid'] ?></td>
<td><?php echo $row['SNAME'] ?></td>
<td><?php echo $row['category'] ?></td>
<td><?php echo $row['website'] ?></td>
<td><?php echo $row['email'] ?></td>
<td><?php echo $row['phone'] ?></td>
<td><?php echo $row['iname']; ?></td>
<td><?php echo $row['locname']; ?></td>
<td><?php echo $row['vat'] ?></td>
<td><?php echo $row['pan'] ?></td>
</tr>
<?php
}
?>
</tbody></table>
}
Hello!
I have five websites on a single server, and each website uses the same geographic data, for instance US zip codes and city/state latitudes and longitudes. Each website uses it's own copy of these "large" tables.
I would like to avoid having to maintain the same data in 5 databases, but I am more concerned with database performance, e.g., the speed at which the data is retrieved for each website.
Question: Should I set up a new separate database that contains the shared tables for all websites and allow each website to connect to this new database for shared data? Or is it better for each website have it's own copy of the duplicate tables?
Thanks for any info!
Cheers
For instance if i set the following 2x variables; "$varOne = $_GET[first_name]" "$varTwo = $_GET[last_name]" "$varThree = $_GET[userid]" how do i insert them both together into a DB field for example: $full = $varOne,$varTwo,$varThree (without the , ) this would then be echo as : joebloggs66985 i have the INSERT in there atm but i wanted to insert first name and last name together with there userid to generate a sort of username possibility. sorry if i didnt explain correcly The subject could be a bit vague, but my problem is simple. (I think so) So I made a php test site that is quite similar to a forum. Where you see a title or a subject and when you click on it you will see more details about that subject. I made my database and script for inserting data into my mySQL database. I also did my output aswell, so every topic is posted on a webpage "archive" where you can see all the subjects. But now I want to see the full details of that type of subject by clicking on it. I have no idea how to make that happen googled it but didn't find any results...just wondering if it's even possible to do that. I'm a new guy here! I have a navigation list displaying which is a mix of html and php, everything is working fine however now I want to convert this block of code into a function but am having major problems with quotes. The line of code I currently have is
$data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC);
foreach ($data as $row) { ?>
<li><a href="<?php echo $row['url']; ?>" title="<?php echo $row['title']; ?>"><?php echo $row['icon'] . ' ' . $row['header']; ?></a></li>
<?php
}
?>
As I say everything works using the above but now I am trying to echo the full li out and am having major issues with single and double quotes. I currently have echo "<li><a href='#' title='the title'><i class='fas fa-user site-nav--icon'></i> Help</a></li>"; Now I am trying to use the $row['url'], $row['title'], $row['icon'] & $row['header'] as per the top example but I cannot get the combination of quote marks correct, whether to use double, single or a combination. I would be grateful if someone could suggest the correct syntax for the a tag then I can work through the rest. Thanks PHP script return 20 UL LIST values like, < ul >
A < /ul > How to display UL LIST into row wise 5 columns like
A B C D |
|||||||