?
Solved

What's wrong with this Select statement

Posted on 2011-02-23
2
Medium Priority
?
293 Views
Last Modified: 2012-05-11
I've run into a problem that I can't figure out.

My code is below. It works fine unless my event_category has an apostrophe in it. Then, while the code still fires, there won't be any data associated with that category. I can look in the database and see it, but it won't show up on my page.

What do I have to do in order to accommodate the apostrophe? For example, "Women's Ministry." There's something about "Women/'s Ministry" that's messing things up and I don't know what.

Thoughts?
<?php	
					$querystate = "select distinct event_category from calendar order by event_category";
					$resultstate = mysqli_query($cxn, $querystate)
					or die ("Couldn't execute query.");
				
					while ($row=mysqli_fetch_assoc($resultstate))
					{
					extract($row);
					$the_event_category = $event_category;
					?>
					<tr>
					<td colspan="3" bgcolor="blue">
					<font color="white"><?php echo stripslashes($the_event_category); ?></font>
					</td>
					</tr>
					<?php 						
					$bruce="select * from calendar where event_category = '$the_event_category' order by event_date";
					$bruce_query = mysqli_query($cxn, $bruce)
					or die("Couldn't execute query.");
					while($bruce_row = mysqli_fetch_assoc($bruce_query))
					{
					extract($bruce_row);
					?>
					<tr>
					<td>
					<?php echo date("m/d/y", strtotime($event_date)); ?>
					</td>
					<td>					
					<?php echo stripslashes($event_name); ?>
					</td>

Open in new window

0
Comment
Question by:brucegust
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 1000 total points
ID: 34964831
change:
                              $bruce="select * from calendar where event_category = '$the_event_category' order by event_date";


into:

                              $bruce="select * from calendar where event_category = '" . mysql_real_escape_string($the_event_category) ."' order by event_date";
0
 
LVL 3

Assisted Solution

by:LFLFM
LFLFM earned 1000 total points
ID: 34964864
use two apostrophe's together.. example:
'this Paul''s string'  becomes:  <  this is Paul's string  >
this is done by replacing ' for '' in your string..
OR better yet, use mysql_real_escape_string($the_event_category).. its MUCH safer, you should always use it

example;
<?php
$tmpstr = mysql_real_escape_string($the_event_category)
$bruce="select * from calendar where event_category = '$mpstr' order by event_date";
					$bruce_query = mysqli_query($cxn, $bruce)

Open in new window

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question