Solved

php wont update if content has a '

Posted on 2009-07-07
22
176 Views
Last Modified: 2013-12-13
Ive got a form which uses fckeditor.

It works fine but when I add text (content) to the form it wont update if the content has
and apostrophe in it.

Naturally Im going to need to add apostrophes in the contents website so how do I get around this.
0
Comment
Question by:Cheryl Lander
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 9
  • 2
22 Comments
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800418
you cannot use the ' in your code when dealing with the fckeditor
0
 

Author Comment

by:Cheryl Lander
ID: 24800421
So what options do i have?
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800474
use \"

remember this is in your code ppl can use ' in the fckeditor
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Cheryl Lander
ID: 24800484
dont really follow.
0
 

Author Comment

by:Cheryl Lander
ID: 24800526
I find it hard ot believe that you couldt write the following in fckeditor.

today I can't find a html editor.

If so are there any alternatives?
0
 

Author Comment

by:Cheryl Lander
ID: 24800550
Ive just gone onto the fckeditor site and done a test on their demo. It works fine.

                         <p>' &quot;</p>
<br />

So I can only assume its a php code error when inserting it into the database.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800698
Hi,

It is simple issue,

you need to replace ' ..

after receiving the text from fckeditor, you have to use replace function to replace the ' to `

 
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800702

$fcktext = $_POST['fckeditor'];
 
$formatt_text = str_replace($fcktext, "'","`");

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800705
logudotcom:
not sure where to make this change.

I have my form page, then I have my processing page (insert)
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800776
you have to make in the processing page...

where you are receiving and insert?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800783
if u can, post some code on the processing page, i will modify it?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800788
one more suggestion,

even you can apply this function -->mysql_escape_string()

 instead of str_replace(),


<?php
$item = "Zak's Laptop";
$escaped_item = mysql_escape_string($item);
printf("Escaped string: %s\n", $escaped_item);
?>

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800828
Form page.

    <tr>
      <td valign="top"><div align="right" class="textstandard">
        <div align="left">Information<span class="textRecord"></span></div>
      </div>      </td>
     
      <td valign="top" class="textstandard"><img src="images/icon_circlearrow.gif" width="11" height="11" /></td>
      <td><textarea id="MyTextarea" name="ud_content"><? echo $row["content"]; ?></textarea></td>
    </tr>

------------------------------------------------------------------------

Processing page.
$query="UPDATE pages SET content='$ud_content' WHERE pageid='$ud_pageid'";
0
 

Author Comment

by:Cheryl Lander
ID: 24800834
note I have other form fields but this is the fckeditor form.
0
 
LVL 36

Accepted Solution

by:
Loganathan Natarajan earned 500 total points
ID: 24800877
OK,

add these lines,


$ud_content = $_POST['ud_content'];
 
$ud_content_modified = mysql_escape_string($ud_content);
 
$query="UPDATE pages SET content='$ud_content_modified' WHERE pageid='$ud_pageid'";

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800891
I went into it and added a ' to the content and processed the code and came back to view an nothing had changed.
0
 

Author Closing Comment

by:Cheryl Lander
ID: 31600939
All ok recoded the page and it works great.

Thanks so much.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800932
actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800933
do u need any help again?
0
 

Author Comment

by:Cheryl Lander
ID: 24801351
ok so if you think its better.

Do you want me to open up another question?


actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24801561
may be, you can open new question
0
 

Author Comment

by:Cheryl Lander
ID: 24802988
done.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question