Solved

php wont update if content has a '

Posted on 2009-07-07
22
168 Views
Last Modified: 2013-12-13
Ive got a form which uses fckeditor.

It works fine but when I add text (content) to the form it wont update if the content has
and apostrophe in it.

Naturally Im going to need to add apostrophes in the contents website so how do I get around this.
0
Comment
Question by:Cheryl Lander
  • 11
  • 9
  • 2
22 Comments
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800418
you cannot use the ' in your code when dealing with the fckeditor
0
 

Author Comment

by:Cheryl Lander
ID: 24800421
So what options do i have?
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24800474
use \"

remember this is in your code ppl can use ' in the fckeditor
0
 

Author Comment

by:Cheryl Lander
ID: 24800484
dont really follow.
0
 

Author Comment

by:Cheryl Lander
ID: 24800526
I find it hard ot believe that you couldt write the following in fckeditor.

today I can't find a html editor.

If so are there any alternatives?
0
 

Author Comment

by:Cheryl Lander
ID: 24800550
Ive just gone onto the fckeditor site and done a test on their demo. It works fine.

                         <p>' &quot;</p>
<br />

So I can only assume its a php code error when inserting it into the database.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800698
Hi,

It is simple issue,

you need to replace ' ..

after receiving the text from fckeditor, you have to use replace function to replace the ' to `

 
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800702

$fcktext = $_POST['fckeditor'];
 

$formatt_text = str_replace($fcktext, "'","`");

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800705
logudotcom:
not sure where to make this change.

I have my form page, then I have my processing page (insert)
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800776
you have to make in the processing page...

where you are receiving and insert?
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800783
if u can, post some code on the processing page, i will modify it?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800788
one more suggestion,

even you can apply this function -->mysql_escape_string()

 instead of str_replace(),


<?php

$item = "Zak's Laptop";

$escaped_item = mysql_escape_string($item);

printf("Escaped string: %s\n", $escaped_item);

?>

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800828
Form page.

    <tr>
      <td valign="top"><div align="right" class="textstandard">
        <div align="left">Information<span class="textRecord"></span></div>
      </div>      </td>
     
      <td valign="top" class="textstandard"><img src="images/icon_circlearrow.gif" width="11" height="11" /></td>
      <td><textarea id="MyTextarea" name="ud_content"><? echo $row["content"]; ?></textarea></td>
    </tr>

------------------------------------------------------------------------

Processing page.
$query="UPDATE pages SET content='$ud_content' WHERE pageid='$ud_pageid'";
0
 

Author Comment

by:Cheryl Lander
ID: 24800834
note I have other form fields but this is the fckeditor form.
0
 
LVL 36

Accepted Solution

by:
Loganathan Natarajan earned 500 total points
ID: 24800877
OK,

add these lines,



$ud_content = $_POST['ud_content'];
 

$ud_content_modified = mysql_escape_string($ud_content);
 

$query="UPDATE pages SET content='$ud_content_modified' WHERE pageid='$ud_pageid'";

Open in new window

0
 

Author Comment

by:Cheryl Lander
ID: 24800891
I went into it and added a ' to the content and processed the code and came back to view an nothing had changed.
0
 

Author Closing Comment

by:Cheryl Lander
ID: 31600939
All ok recoded the page and it works great.

Thanks so much.
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800932
actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24800933
do u need any help again?
0
 

Author Comment

by:Cheryl Lander
ID: 24801351
ok so if you think its better.

Do you want me to open up another question?


actually, mysql_escape_string() will help you to safer insert/update... it won't replace '
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24801561
may be, you can open new question
0
 

Author Comment

by:Cheryl Lander
ID: 24802988
done.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
This article discusses how to create an extensible mechanism for linked drop downs.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now