Solved

Insert comment problem

Posted on 2007-04-02
3
171 Views
Last Modified: 2013-12-13
Experts.

I'm having some problems with inserting comment using form with word that contains a   '   , example when trying to insert word like simon's, it gives error.

$Query = "INSERT into classifieds (comment) VALUES( '$comment')";
$result=mysql_query($Query);

I tried to use the solution $comment = str_replace("'", "", "$comment"); it works but simon's will becomes simons. Is there a way to insert word with ' without getting an error and can be display on page?
0
Comment
Question by:keiluko
3 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 125 total points
ID: 18839498
a minor change, and it will work as requested:
$comment = str_replace("'", "''", "$comment");
$Query = "INSERT into classifieds (comment) VALUES( '$comment')";
$result=mysql_query($Query);

0
 
LVL 24

Expert Comment

by:glcummins
ID: 18839514
Is there a reason you chose not to use addslashes()?

$Query = "INSERT into classifieds (comment) VALUES( '" , addslashes($comment) . "')";

This will preserve your data as-is, and still allow it to be inserted without error.
0
 

Author Comment

by:keiluko
ID: 18839546
glcummins: not sure about addslashes, been using the insert command without addslashes. but thanks I will use it in future project.

Thanks all.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now