Solved

php wont update if content has a '

Posted on 2009-07-07
22
175 Views
Last Modified: 2013-12-13
Ive got a form which uses fckeditor.

It works fine but when I add text (content) to the form it wont update if the content has
and apostrophe in it.

Naturally Im going to need to add apostrophes in the contents website so how do I get around this.
0
Comment
Question by:Cheryl Lander
  • 11
  • 9
  • 2
22 Comments
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800418
you cannot use the ' in your code when dealing with the fckeditor
0
 

Author Comment

by:Cheryl Lander
ID: 24800421
So what options do i have?
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800474
use \"

remember this is in your code ppl can use ' in the fckeditor
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 

Author Comment

by:Cheryl Lander
ID: 24800484
dont really follow.
0
 

Author Comment

by:Cheryl Lander
ID: 24800526
I find it hard ot believe that you couldt write the following in fckeditor.

today I can't find a html editor.

If so are there any alternatives?
0
 

Author Comment

by:Cheryl Lander
ID: 24800550
Ive just gone onto the fckeditor site and done a test on their demo. It works fine.

                         <p>' &quot;</p>
<br />

So I can only assume its a php code error when inserting it into the database.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800698
Hi,

It is simple issue,

you need to replace ' ..

after receiving the text from fckeditor, you have to use replace function to replace the ' to `

 
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800702

$fcktext = $_POST['fckeditor'];
 
$formatt_text = str_replace($fcktext, "'","`");

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800705
logudotcom:
not sure where to make this change.

I have my form page, then I have my processing page (insert)
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800776
you have to make in the processing page...

where you are receiving and insert?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800783
if u can, post some code on the processing page, i will modify it?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800788
one more suggestion,

even you can apply this function -->mysql_escape_string()

 instead of str_replace(),


<?php
$item = "Zak's Laptop";
$escaped_item = mysql_escape_string($item);
printf("Escaped string: %s\n", $escaped_item);
?>

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800828
Form page.

    <tr>
      <td valign="top"><div align="right" class="textstandard">
        <div align="left">Information<span class="textRecord"></span></div>
      </div>      </td>
     
      <td valign="top" class="textstandard"><img src="images/icon_circlearrow.gif" width="11" height="11" /></td>
      <td><textarea id="MyTextarea" name="ud_content"><? echo $row["content"]; ?></textarea></td>
    </tr>

------------------------------------------------------------------------

Processing page.
$query="UPDATE pages SET content='$ud_content' WHERE pageid='$ud_pageid'";
0
 

Author Comment

by:Cheryl Lander
ID: 24800834
note I have other form fields but this is the fckeditor form.
0
 
LVL 36

Accepted Solution

by:
Loganathan Natarajan earned 500 total points
ID: 24800877
OK,

add these lines,


$ud_content = $_POST['ud_content'];
 
$ud_content_modified = mysql_escape_string($ud_content);
 
$query="UPDATE pages SET content='$ud_content_modified' WHERE pageid='$ud_pageid'";

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800891
I went into it and added a ' to the content and processed the code and came back to view an nothing had changed.
0
 

Author Closing Comment

by:Cheryl Lander
ID: 31600939
All ok recoded the page and it works great.

Thanks so much.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800932
actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800933
do u need any help again?
0
 

Author Comment

by:Cheryl Lander
ID: 24801351
ok so if you think its better.

Do you want me to open up another question?


actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24801561
may be, you can open new question
0
 

Author Comment

by:Cheryl Lander
ID: 24802988
done.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question