Solved

What's wrong with this Select statement

Posted on 2011-02-23
2
286 Views
Last Modified: 2012-05-11
I've run into a problem that I can't figure out.

My code is below. It works fine unless my event_category has an apostrophe in it. Then, while the code still fires, there won't be any data associated with that category. I can look in the database and see it, but it won't show up on my page.

What do I have to do in order to accommodate the apostrophe? For example, "Women's Ministry." There's something about "Women/'s Ministry" that's messing things up and I don't know what.

Thoughts?
<?php	
					$querystate = "select distinct event_category from calendar order by event_category";
					$resultstate = mysqli_query($cxn, $querystate)
					or die ("Couldn't execute query.");
				
					while ($row=mysqli_fetch_assoc($resultstate))
					{
					extract($row);
					$the_event_category = $event_category;
					?>
					<tr>
					<td colspan="3" bgcolor="blue">
					<font color="white"><?php echo stripslashes($the_event_category); ?></font>
					</td>
					</tr>
					<?php 						
					$bruce="select * from calendar where event_category = '$the_event_category' order by event_date";
					$bruce_query = mysqli_query($cxn, $bruce)
					or die("Couldn't execute query.");
					while($bruce_row = mysqli_fetch_assoc($bruce_query))
					{
					extract($bruce_row);
					?>
					<tr>
					<td>
					<?php echo date("m/d/y", strtotime($event_date)); ?>
					</td>
					<td>					
					<?php echo stripslashes($event_name); ?>
					</td>

Open in new window

0
Comment
Question by:brucegust
2 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 250 total points
Comment Utility
change:
                              $bruce="select * from calendar where event_category = '$the_event_category' order by event_date";


into:

                              $bruce="select * from calendar where event_category = '" . mysql_real_escape_string($the_event_category) ."' order by event_date";
0
 
LVL 3

Assisted Solution

by:LFLFM
LFLFM earned 250 total points
Comment Utility
use two apostrophe's together.. example:
'this Paul''s string'  becomes:  <  this is Paul's string  >
this is done by replacing ' for '' in your string..
OR better yet, use mysql_real_escape_string($the_event_category).. its MUCH safer, you should always use it

example;
<?php
$tmpstr = mysql_real_escape_string($the_event_category)
$bruce="select * from calendar where event_category = '$mpstr' order by event_date";
					$bruce_query = mysqli_query($cxn, $bruce)

Open in new window

0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Consider the following scenario: You are working on a website and make something great - something that lets the server work with information submitted by your users. This could be anything, from a simple guestbook to a e-Money solution. But what…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now