php wont update if content has a '

Ive got a form which uses fckeditor.

It works fine but when I add text (content) to the form it wont update if the content has
and apostrophe in it.

Naturally Im going to need to add apostrophes in the contents website so how do I get around this.
Cheryl LanderAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tyler LaczkoCommented:
you cannot use the ' in your code when dealing with the fckeditor
0
Cheryl LanderAuthor Commented:
So what options do i have?
0
Tyler LaczkoCommented:
use \"

remember this is in your code ppl can use ' in the fckeditor
0
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

Cheryl LanderAuthor Commented:
dont really follow.
0
Cheryl LanderAuthor Commented:
I find it hard ot believe that you couldt write the following in fckeditor.

today I can't find a html editor.

If so are there any alternatives?
0
Cheryl LanderAuthor Commented:
Ive just gone onto the fckeditor site and done a test on their demo. It works fine.

                         <p>' &quot;</p>
<br />

So I can only assume its a php code error when inserting it into the database.
0
Loganathan NatarajanLAMP DeveloperCommented:
Hi,

It is simple issue,

you need to replace ' ..

after receiving the text from fckeditor, you have to use replace function to replace the ' to `

 
0
Loganathan NatarajanLAMP DeveloperCommented:

$fcktext = $_POST['fckeditor'];
 
$formatt_text = str_replace($fcktext, "'","`");

Open in new window

0
Cheryl LanderAuthor Commented:
logudotcom:
not sure where to make this change.

I have my form page, then I have my processing page (insert)
0
Loganathan NatarajanLAMP DeveloperCommented:
you have to make in the processing page...

where you are receiving and insert?
0
Loganathan NatarajanLAMP DeveloperCommented:
if u can, post some code on the processing page, i will modify it?
0
Loganathan NatarajanLAMP DeveloperCommented:
one more suggestion,

even you can apply this function -->mysql_escape_string()

 instead of str_replace(),


<?php
$item = "Zak's Laptop";
$escaped_item = mysql_escape_string($item);
printf("Escaped string: %s\n", $escaped_item);
?>

Open in new window

0
Cheryl LanderAuthor Commented:
Form page.

    <tr>
      <td valign="top"><div align="right" class="textstandard">
        <div align="left">Information<span class="textRecord"></span></div>
      </div>      </td>
     
      <td valign="top" class="textstandard"><img src="images/icon_circlearrow.gif" width="11" height="11" /></td>
      <td><textarea id="MyTextarea" name="ud_content"><? echo $row["content"]; ?></textarea></td>
    </tr>

------------------------------------------------------------------------

Processing page.
$query="UPDATE pages SET content='$ud_content' WHERE pageid='$ud_pageid'";
0
Cheryl LanderAuthor Commented:
note I have other form fields but this is the fckeditor form.
0
Loganathan NatarajanLAMP DeveloperCommented:
OK,

add these lines,


$ud_content = $_POST['ud_content'];
 
$ud_content_modified = mysql_escape_string($ud_content);
 
$query="UPDATE pages SET content='$ud_content_modified' WHERE pageid='$ud_pageid'";

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cheryl LanderAuthor Commented:
I went into it and added a ' to the content and processed the code and came back to view an nothing had changed.
0
Cheryl LanderAuthor Commented:
All ok recoded the page and it works great.

Thanks so much.
0
Loganathan NatarajanLAMP DeveloperCommented:
actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
Loganathan NatarajanLAMP DeveloperCommented:
do u need any help again?
0
Cheryl LanderAuthor Commented:
ok so if you think its better.

Do you want me to open up another question?


actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
Loganathan NatarajanLAMP DeveloperCommented:
may be, you can open new question
0
Cheryl LanderAuthor Commented:
done.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.